Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
18in SPA-198-2024.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\18in SPA-198-2024.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Ea64OHKq
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\18in SPA-198-2024.exe
|
"C:\Users\user\Desktop\18in SPA-198-2024.exe"
|
|
|
|
C:\Users\user\Desktop\18in SPA-198-2024.exe
|
"C:\Users\user\Desktop\18in SPA-198-2024.exe"
|
|
|
|
C:\Users\user\Desktop\18in SPA-198-2024.exe
|
"C:\Users\user\Desktop\18in SPA-198-2024.exe"
|
|
|
|
C:\Program Files (x86)\JGsUfsfkLEFnOUVXpIEOrlgysqKPOBUvlJcqviynHOcrBjfmZdhmJJBY\tWcBthnLrDi.exe
|
"C:\Program Files (x86)\JGsUfsfkLEFnOUVXpIEOrlgysqKPOBUvlJcqviynHOcrBjfmZdhmJJBY\tWcBthnLrDi.exe"
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
"C:\Windows\SysWOW64\colorcpl.exe"
|
|
|
|
C:\Program Files (x86)\JGsUfsfkLEFnOUVXpIEOrlgysqKPOBUvlJcqviynHOcrBjfmZdhmJJBY\tWcBthnLrDi.exe
|
"C:\Program Files (x86)\JGsUfsfkLEFnOUVXpIEOrlgysqKPOBUvlJcqviynHOcrBjfmZdhmJJBY\tWcBthnLrDi.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.college-help.info/lk0h/
|
38.88.82.56
|
|
|
|
http://www.owinvip.net/17h7/?1Zgl=+i5q+uzPXmftyZtNZWFr8MC7YoCmvyBt3jjX/X3oRNPJ70eO25N0w4zqWgP4747OpVXsIhnZv7nMmjeXISBtoaIRC/e00OgY88L+a0UDDIyF3kq1BSJhp/lI21Ai+QA6UQ==&w6=2vdPP
|
3.33.130.190
|
|
|
|
http://www.7fh27o.vip/l5ty/
|
3.33.130.190
|
|
|
|
http://www.jexiz.shop/li8d/?1Zgl=sm+xvlFNJ8Jn1MAvBLHfFbmpWDRmMBXnhYuDtN4QDuuoOIQ72IBR7vtXSrP0imT8uQD+i024Jy05gJvrsmbroocsQ5/sNLlweHoyZNleSM2rCzfY5hv0qSgJrhCITOEEHg==&w6=2vdPP
|
8.210.3.99
|
|
|
|
http://www.owinvip.net/17h7/
|
3.33.130.190
|
|
|
|
http://www.gucciqueen.shop/x3by/?w6=2vdPP&1Zgl=Gq0m/cYr7UOoL/rfxlXcWcb0PFgu3v+6IQg5KkZ1GbFCfXnP9OdFnXsg+153ZunkN9E3pnQymCUHBFpvF3MPrj7bwNIl4rM9hQX9D40sB8Q0fvNSVLrWgvNkuIucpqHerw==
|
178.79.184.196
|
|
|
|
http://www.givora.site/855d/
|
162.0.231.203
|
|
|
|
http://www.2925588.com/jx6k/
|
103.71.154.12
|
|
|
|
http://www.timizoasisey.shop/3p0l/?1Zgl=4Jzo6X1Gluc/SF20pEVAyAZrEiE76xvvY+EfZYFlmMajnWRT/uq2dkdTzHDiVdaw3QhDvVFcv5rBuyftUViEMVRHp90uGCn944ajrH63wHv4zzWs5+CZDXB+Ld7sX0D68A==&w6=2vdPP
|
188.114.97.3
|
|
|
|
http://www.2925588.com/jx6k/?1Zgl=beqWGJ7SP2hkLKuH8Xmdr/HDPWeS3cMOlVU3zrC7D+GWWG+2bEVKgJQW/9jqYGl3wiT++u8kPbwe1lvFRaGrQmwW5G4wa8+lbGyMUfdWvdM0+8z00F7HMhpKv8gPeACQcQ==&w6=2vdPP
|
103.71.154.12
|
|
|
|
http://www.prediksipreman.fyi/3lre/?1Zgl=/6Vdp+1Y21llHWrnJFgTkMelxgdakbST517P2ezUMEZQpYm2I4KB95g+5G1ZwATxC5oRicPrlKz7UaUXu7WnWVF0YU8xlLcjqFiWcTqSDyUhRRfYLZXOVM1ZwNUIzk+NCQ==&w6=2vdPP
|
162.0.215.244
|
|
|
|
http://www.meanttobebroken.org/9g6s/
|
141.193.213.10
|
|
|
|
http://www.prediksipreman.fyi/3lre/
|
162.0.215.244
|
|
|
|
http://www.timizoasisey.shop/3p0l/
|
188.114.97.3
|
|
|
|
http://www.jexiz.shop/li8d/
|
8.210.3.99
|
|
|
|
http://www.wrl-llc.net/6o8s/
|
3.33.130.190
|
|
|
|
http://www.ila.beauty/izfe/?1Zgl=ZqR1VSau/njxt8ya9FYdrisRnPwESR8PWK+oFQcVqsUu7dENmwaUoGLSs5vyS4FhQGGlB6r8hHtwTYfK8h1233SUSY5+fAIxnLEAPxNpmpufjlKG3bng8CVsKsGNybcU1g==&w6=2vdPP
|
13.248.169.48
|
|
|
|
http://www.rebel.tienda/7n9v/
|
199.59.243.227
|
|
|
|
http://www.gucciqueen.shop/x3by/
|
178.79.184.196
|
|
|
|
http://www.givora.site/855d/?1Zgl=2B0ERzH0P28lwthSCfczi4+l4RSaGiycEDtAIyO4xBEaITWb1iLHHs/q7NYM0I/g8MkSYcfxzku7nIYL4eoS8eZDgAyht6z65PzZnN779aUYRwuiIRWQuovW44/rxTRHXQ==&w6=2vdPP
|
162.0.231.203
|
|
|
|
http://www.ila.beauty/izfe/
|
13.248.169.48
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://www.jexiz.shop/li8d/?1Zgl=sm
|
unknown
|
||
|
http://meanttobebroken.org/9g6s/?1Zgl=l/X
|
unknown
|
||
|
http://tempuri.org/Gamee.xsd7PoisonRoulette.GameResource
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://cpanel.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404refer
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://www.timizoasisey.shop
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 26 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.rebel.tienda
|
199.59.243.227
|
|
|
|
www.timizoasisey.shop
|
188.114.97.3
|
|
|
|
jexiz.shop
|
8.210.3.99
|
|
|
|
7fh27o.vip
|
3.33.130.190
|
|
|
|
prediksipreman.fyi
|
162.0.215.244
|
|
|
|
www.ila.beauty
|
13.248.169.48
|
|
|
|
www.givora.site
|
162.0.231.203
|
|
|
|
www.college-help.info
|
38.88.82.56
|
|
|
|
owinvip.net
|
3.33.130.190
|
|
|
|
ladylawher.org
|
3.33.130.190
|
|
|
|
gucciqueen.shop
|
178.79.184.196
|
|
|
|
www.meanttobebroken.org
|
141.193.213.10
|
|
|
|
www.2925588.com
|
103.71.154.12
|
|
|
|
wrl-llc.net
|
3.33.130.190
|
|
|
|
www.prediksipreman.fyi
|
unknown
|
||
|
www.7fh27o.vip
|
unknown
|
||
|
www.ladylawher.org
|
unknown
|
||
|
www.wrl-llc.net
|
unknown
|
||
|
www.gucciqueen.shop
|
unknown
|
||
|
www.jexiz.shop
|
unknown
|
||
|
www.xtelify.tech
|
unknown
|
||
|
www.owinvip.net
|
unknown
|
There are 12 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
141.193.213.10
|
www.meanttobebroken.org
|
United States
|
|
|
|
162.0.215.244
|
prediksipreman.fyi
|
Canada
|
|
|
|
13.248.169.48
|
www.ila.beauty
|
United States
|
|
|
|
162.0.231.203
|
www.givora.site
|
Canada
|
|
|
|
188.114.97.3
|
www.timizoasisey.shop
|
European Union
|
|
|
|
38.88.82.56
|
www.college-help.info
|
United States
|
|
|
|
178.79.184.196
|
gucciqueen.shop
|
United Kingdom
|
|
|
|
103.71.154.12
|
www.2925588.com
|
Hong Kong
|
|
|
|
199.59.243.227
|
www.rebel.tienda
|
United States
|
|
|
|
3.33.130.190
|
7fh27o.vip
|
United States
|
|
|
|
8.210.3.99
|
jexiz.shop
|
Singapore
|
|
There are 1 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5070000
|
trusted library allocation
|
page read and write
|
|
|
|
5800000
|
system
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
50C0000
|
trusted library allocation
|
page read and write
|
|
|
|
1130000
|
unclassified section
|
page execute and read and write
|
|
|
|
2A30000
|
unclassified section
|
page execute and read and write
|
|
|
|
32F0000
|
system
|
page execute and read and write
|
|
|
|
4020000
|
unkown
|
page execute and read and write
|
|
|
|
EE0000
|
heap
|
page read and write
|
||
|
216160CE000
|
trusted library allocation
|
page read and write
|
||
|
6C78000
|
unclassified section
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
21615F03000
|
trusted library allocation
|
page read and write
|
||
|
3F8E000
|
unkown
|
page read and write
|
||
|
4A92000
|
trusted library allocation
|
page read and write
|
||
|
25A1000
|
trusted library allocation
|
page read and write
|
||
|
F38000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4F29000
|
heap
|
page read and write
|
||
|
216144D0000
|
heap
|
page read and write
|
||
|
3431000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
390F9FE000
|
stack
|
page read and write
|
||
|
873A000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
3000000
|
unkown
|
page readonly
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
8713000
|
heap
|
page read and write
|
||
|
37E0000
|
heap
|
page read and write
|
||
|
1491000
|
direct allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
33EB000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
21615CE0000
|
heap
|
page read and write
|
||
|
5502000
|
direct allocation
|
page execute and read and write
|
||
|
AED000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
169F000
|
stack
|
page read and write
|
||
|
88B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
58DC000
|
unclassified section
|
page read and write
|
||
|
2E50000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4A53000
|
heap
|
page read and write
|
||
|
35A1000
|
trusted library allocation
|
page read and write
|
||
|
4A70000
|
heap
|
page read and write
|
||
|
6F9C000
|
unclassified section
|
page read and write
|
||
|
2ED0000
|
unkown
|
page read and write
|
||
|
571C000
|
unclassified section
|
page read and write
|
||
|
1630000
|
unclassified section
|
page execute and read and write
|
||
|
1430000
|
unkown
|
page read and write
|
||
|
C07000
|
heap
|
page read and write
|
||
|
5028000
|
unkown
|
page execute and read and write
|
||
|
8620000
|
heap
|
page read and write
|
||
|
6954000
|
unclassified section
|
page read and write
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
216143E0000
|
heap
|
page read and write
|
||
|
86E2000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
9AA000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
86F6000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
51B5000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
97F000
|
stack
|
page read and write
|
||
|
147F000
|
heap
|
page read and write
|
||
|
8AAE000
|
stack
|
page read and write
|
||
|
21615F11000
|
trusted library allocation
|
page read and write
|
||
|
4BC5000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E01000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
2B30000
|
unkown
|
page readonly
|
||
|
F30000
|
heap
|
page read and write
|
||
|
F60000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
5A5C000
|
unkown
|
page read and write
|
||
|
35A9000
|
trusted library allocation
|
page read and write
|
||
|
21616000000
|
trusted library allocation
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
2ACF000
|
stack
|
page read and write
|
||
|
4BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
86EB000
|
heap
|
page read and write
|
||
|
49E0000
|
trusted library allocation
|
page read and write
|
||
|
86E6000
|
heap
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
874C000
|
heap
|
page read and write
|
||
|
3A38000
|
unclassified section
|
page execute and read and write
|
||
|
D20000
|
direct allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
F50000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
3431000
|
heap
|
page read and write
|
||
|
4120000
|
unkown
|
page read and write
|
||
|
1450000
|
unkown
|
page read and write
|
||
|
67A000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
245B000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
5877000
|
system
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
D00000
|
unkown
|
page readonly
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
FDA000
|
stack
|
page read and write
|
||
|
E51000
|
unkown
|
page execute read
|
||
|
58DA000
|
system
|
page execute and read and write
|
||
|
F10000
|
unkown
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E65000
|
unkown
|
page read and write
|
||
|
21615F00000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
67E000
|
heap
|
page read and write
|
||
|
B30000
|
trusted library allocation
|
page read and write
|
||
|
216144C0000
|
heap
|
page read and write
|
||
|
4A20000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
4AD0000
|
trusted library section
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
112F000
|
stack
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
6D4E000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E51000
|
unkown
|
page execute read
|
||
|
5602000
|
unclassified section
|
page read and write
|
||
|
4F25000
|
heap
|
page read and write
|
||
|
106F000
|
unkown
|
page read and write
|
||
|
1320000
|
unkown
|
page readonly
|
||
|
85EE000
|
stack
|
page read and write
|
||
|
86D6000
|
heap
|
page read and write
|
||
|
282A000
|
trusted library allocation
|
page read and write
|
||
|
751D000
|
stack
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
8750000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
21615F0F000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
unkown
|
page read and write
|
||
|
35CE000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
39109FF000
|
stack
|
page read and write
|
||
|
8717000
|
heap
|
page read and write
|
||
|
8759000
|
heap
|
page read and write
|
||
|
16A0000
|
unkown
|
page readonly
|
||
|
3620000
|
unkown
|
page execute and read and write
|
||
|
4F8C000
|
heap
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
3473000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
33A4000
|
heap
|
page read and write
|
||
|
535E000
|
direct allocation
|
page execute and read and write
|
||
|
862B000
|
heap
|
page read and write
|
||
|
8D8F000
|
stack
|
page read and write
|
||
|
86E8000
|
heap
|
page read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
4BA0000
|
heap
|
page read and write
|
||
|
2C20000
|
unkown
|
page execute and read and write
|
||
|
870C000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
875E000
|
heap
|
page read and write
|
||
|
116F000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
33CC000
|
unkown
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
51C0000
|
direct allocation
|
page execute and read and write
|
||
|
6D92000
|
heap
|
page read and write
|
||
|
340A000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4AF0000
|
heap
|
page read and write
|
||
|
E65000
|
unkown
|
page read and write
|
||
|
6630000
|
unclassified section
|
page read and write
|
||
|
216142F0000
|
system
|
page execute and read and write
|
||
|
21615F14000
|
trusted library allocation
|
page read and write
|
||
|
E51000
|
unkown
|
page execute read
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
B1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
8754000
|
heap
|
page read and write
|
||
|
8747000
|
heap
|
page read and write
|
||
|
4444000
|
unkown
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
AE4000
|
trusted library allocation
|
page read and write
|
||
|
33E6000
|
heap
|
page read and write
|
||
|
33EC000
|
heap
|
page read and write
|
||
|
4F7C000
|
heap
|
page read and write
|
||
|
390E9FB000
|
stack
|
page read and write
|
||
|
3426000
|
heap
|
page read and write
|
||
|
6D5C000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E40000
|
unkown
|
page readonly
|
||
|
1468000
|
heap
|
page read and write
|
||
|
5017000
|
heap
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
216160BE000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
67C2000
|
trusted library allocation
|
page read and write
|
||
|
595C000
|
unkown
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E94000
|
heap
|
page read and write
|
||
|
3447000
|
heap
|
page read and write
|
||
|
1528000
|
direct allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
1A31000
|
unkown
|
page readonly
|
||
|
39101FF000
|
stack
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1320000
|
unkown
|
page readonly
|
||
|
14342000
|
system
|
page read and write
|
||
|
4E69000
|
heap
|
page read and write
|
||
|
33E6000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
30F2000
|
unkown
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1501000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
216144EF000
|
heap
|
page read and write
|
||
|
71F3000
|
trusted library allocation
|
page read and write
|
||
|
3431000
|
heap
|
page read and write
|
||
|
216144DC000
|
heap
|
page read and write
|
||
|
67C2000
|
unclassified section
|
page read and write
|
||
|
2B30000
|
unkown
|
page readonly
|
||
|
49F5000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
unkown
|
page readonly
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
33E6000
|
heap
|
page read and write
|
||
|
31B2000
|
unkown
|
page read and write
|
||
|
4AA0000
|
trusted library allocation
|
page read and write
|
||
|
4A8C000
|
unkown
|
page read and write
|
||
|
E3DE000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
14AD000
|
direct allocation
|
page execute and read and write
|
||
|
4C3A000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
5CC4000
|
unclassified section
|
page read and write
|
||
|
21614510000
|
heap
|
page read and write
|
||
|
1441000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
920000
|
unkown
|
page readonly
|
||
|
8731000
|
heap
|
page read and write
|
||
|
42B2000
|
unkown
|
page read and write
|
||
|
4628000
|
unkown
|
page execute and read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
14A6000
|
direct allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
390F1FE000
|
stack
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
3C6A000
|
unkown
|
page read and write
|
||
|
4768000
|
unkown
|
page read and write
|
||
|
2471000
|
trusted library allocation
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
52ED000
|
direct allocation
|
page execute and read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
21615D00000
|
trusted library allocation
|
page read and write
|
||
|
469C000
|
stack
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
A5C000
|
stack
|
page read and write
|
||
|
B12000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
49F0000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
E67000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
4E9F000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1430000
|
unkown
|
page read and write
|
||
|
8750000
|
heap
|
page read and write
|
||
|
E67000
|
unkown
|
page readonly
|
||
|
E41E000
|
stack
|
page read and write
|
||
|
5883000
|
system
|
page execute and read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
21615F0A000
|
trusted library allocation
|
page read and write
|
||
|
1441000
|
unkown
|
page readonly
|
||
|
E5E000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E2DE000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
F60000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E67000
|
unkown
|
page readonly
|
||
|
86DB000
|
heap
|
page read and write
|
||
|
E65000
|
unkown
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
AFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
33A4000
|
heap
|
page read and write
|
||
|
D00000
|
unkown
|
page readonly
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
E67000
|
unkown
|
page readonly
|
||
|
5491000
|
direct allocation
|
page execute and read and write
|
||
|
B17000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1310000
|
unkown
|
page readonly
|
||
|
65C0000
|
heap
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
3B7000
|
stack
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
152000
|
unkown
|
page readonly
|
||
|
E5E000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
33E6000
|
heap
|
page read and write
|
||
|
259E000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
BF0000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
56C2000
|
unclassified section
|
page read and write
|
||
|
8754000
|
heap
|
page read and write
|
||
|
216160B3000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
33DB000
|
heap
|
page read and write
|
||
|
4C50000
|
trusted library section
|
page read and write
|
||
|
247D000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
65CE000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
3946000
|
unkown
|
page read and write
|
||
|
33EC000
|
heap
|
page read and write
|
||
|
E65000
|
unkown
|
page read and write
|
||
|
216160C4000
|
trusted library allocation
|
page read and write
|
||
|
7450000
|
trusted library section
|
page read and write
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
6D50000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
BDC000
|
stack
|
page read and write
|
||
|
2030000
|
unclassified section
|
page execute and read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
B02000
|
trusted library allocation
|
page read and write
|
||
|
3447000
|
heap
|
page read and write
|
||
|
1309000
|
direct allocation
|
page execute and read and write
|
||
|
344C000
|
heap
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
E51E000
|
stack
|
page read and write
|
||
|
71E0000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
unkown
|
page read and write
|
||
|
E5E000
|
unkown
|
page readonly
|
||
|
E10000
|
unkown
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
35E5000
|
trusted library allocation
|
page read and write
|
||
|
2476000
|
trusted library allocation
|
page read and write
|
||
|
E01000
|
unkown
|
page readonly
|
||
|
3DFC000
|
unkown
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
B0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
B00000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
FDA000
|
stack
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
unkown
|
page read and write
|
||
|
86D1000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
89AE000
|
stack
|
page read and write
|
||
|
874B000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page execute and read and write
|
||
|
82F0000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
unkown
|
page readonly
|
||
|
756E000
|
stack
|
page read and write
|
||
|
E5E000
|
unkown
|
page readonly
|
||
|
1345000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
8741000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
3000000
|
unkown
|
page readonly
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
45D6000
|
unkown
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E8D000
|
heap
|
page read and write
|
||
|
33C8000
|
heap
|
page read and write
|
||
|
21614344000
|
system
|
page execute and read and write
|
||
|
2E50000
|
unkown
|
page readonly
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
7EF90000
|
trusted library allocation
|
page execute and read and write
|
||
|
3435000
|
heap
|
page read and write
|
||
|
3489000
|
heap
|
page read and write
|
||
|
3457000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
33DD000
|
heap
|
page read and write
|
||
|
6F46000
|
heap
|
page read and write
|
||
|
2BA000
|
stack
|
page read and write
|
||
|
8734000
|
heap
|
page read and write
|
||
|
940000
|
unkown
|
page readonly
|
||
|
4A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
5867000
|
system
|
page execute and read and write
|
||
|
3038000
|
unclassified section
|
page execute and read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
6B1000
|
heap
|
page read and write
|
||
|
21615D00000
|
trusted library allocation
|
page read and write
|
||
|
3AD8000
|
unkown
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
8747000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
920000
|
unkown
|
page readonly
|
||
|
343A000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
6D9E000
|
heap
|
page read and write
|
||
|
33DB000
|
heap
|
page read and write
|
||
|
34AE000
|
heap
|
page read and write
|
||
|
617A000
|
unclassified section
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
360F000
|
stack
|
page read and write
|
||
|
2775000
|
trusted library allocation
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
48FA000
|
unkown
|
page read and write
|
||
|
548D000
|
direct allocation
|
page execute and read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
3466000
|
heap
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
3435000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
320C000
|
unkown
|
page read and write
|
||
|
86E1000
|
heap
|
page read and write
|
||
|
72F000
|
heap
|
page read and write
|
||
|
1468000
|
heap
|
page read and write
|
||
|
E51000
|
unkown
|
page execute read
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
871D000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
6E0A000
|
unclassified section
|
page read and write
|
||
|
5E56000
|
unclassified section
|
page read and write
|
||
|
6AE6000
|
unclassified section
|
page read and write
|
||
|
B06000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
8626000
|
heap
|
page read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
8D4E000
|
stack
|
page read and write
|
||
|
21616001000
|
trusted library allocation
|
page read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1A31000
|
unkown
|
page readonly
|
||
|
162F000
|
stack
|
page read and write
|
||
|
327B000
|
stack
|
page read and write
|
||
|
3447000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
3435000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
21615F21000
|
trusted library allocation
|
page read and write
|
||
|
216144EA000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
875A000
|
heap
|
page read and write
|
||
|
246E000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
4EA4000
|
heap
|
page read and write
|
||
|
5FE8000
|
unclassified section
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
87E000
|
stack
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4C0B000
|
stack
|
page read and write
|
||
|
86D0000
|
heap
|
page read and write
|
||
|
8970000
|
heap
|
page read and write
|
||
|
AE0000
|
trusted library allocation
|
page read and write
|
||
|
AF3000
|
trusted library allocation
|
page read and write
|
||
|
33A4000
|
heap
|
page read and write
|
||
|
150000
|
unkown
|
page readonly
|
||
|
4AE0000
|
heap
|
page execute and read and write
|
||
|
33E6000
|
heap
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
1501000
|
unkown
|
page readonly
|
||
|
DF0000
|
unkown
|
page read and write
|
||
|
630C000
|
unclassified section
|
page read and write
|
||
|
21615D00000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
unkown
|
page readonly
|
||
|
6D52000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
14282000
|
system
|
page read and write
|
||
|
169F000
|
stack
|
page read and write
|
||
|
23B8000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
ABF000
|
stack
|
page read and write
|
||
|
3466000
|
heap
|
page read and write
|
||
|
345D000
|
heap
|
page read and write
|
||
|
345D000
|
heap
|
page read and write
|
||
|
635000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
343A000
|
heap
|
page read and write
|
||
|
14944000
|
system
|
page read and write
|
||
|
9AA000
|
stack
|
page read and write
|
||
|
940000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
8756000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
5900000
|
unkown
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
3DFA000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
85AE000
|
stack
|
page read and write
|
||
|
33CC000
|
unkown
|
page read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
649E000
|
unclassified section
|
page read and write
|
||
|
37B4000
|
unkown
|
page read and write
|
||
|
33E6000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
216144F2000
|
heap
|
page read and write
|
||
|
11E0000
|
direct allocation
|
page execute and read and write
|
||
|
130D000
|
direct allocation
|
page execute and read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
71F0000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1455C000
|
system
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
3473000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
585E000
|
system
|
page execute and read and write
|
||
|
6D68000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
5144000
|
heap
|
page read and write
|
||
|
1439C000
|
system
|
page read and write
|
||
|
3493000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page read and write
|
||
|
E0E0000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
32B8000
|
stack
|
page read and write
|
||
|
B5B000
|
stack
|
page read and write
|
||
|
2834000
|
trusted library allocation
|
page read and write
|
||
|
21615E50000
|
heap
|
page read and write
|
||
|
5885000
|
system
|
page execute and read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
3499000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
E40000
|
unkown
|
page readonly
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
E55E000
|
stack
|
page read and write
|
||
|
AE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2450000
|
trusted library allocation
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
343A000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
216144CA000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
30F2000
|
unkown
|
page read and write
|
||
|
52E9000
|
direct allocation
|
page execute and read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
137E000
|
direct allocation
|
page execute and read and write
|
There are 651 hidden memdumps, click here to show them.