Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
setup.exe
|
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_odbjwjnw.cj4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_su3a0sij.kp2.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\setup.exe
|
"C:\Users\user\Desktop\setup.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell -exec bypass <!DOCTYPE html> <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]--> <!--[if
IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en-US">
<![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]--> <head> <title>Suspected phishing site
| Cloudflare</title> <meta charset="UTF-8" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta
http-equiv="X-UA-Compatible" content="IE=Edge" /> <meta name="robots" content="noindex, nofollow" /> <meta name="viewport"
content="width=device-width,initial-scale=1" /> <link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css"
/> <!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]--> <style>body{margin:0;padding:0}</style>
<!--[if gte IE 10]><!--> <script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function
() { var cookieEl = document.getElementById('cookie-alert'); cookieEl.style.display = 'block'; }) } </script>
<!--<![endif]--> </head> <body> <div id="cf-wrapper"> <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert"
data-translate="enable_cookies">Please enable cookies.</div> <div id="cf-error-details" class="cf-error-details-wrapper">
<div class="cf-section cf-wrapper" style="margin-top: 100px;margin-bottom:200px;"> <div class="cf-columns one">
<div class="cf-column"> <h4 class="cf-text-error"><i class="cf-icon-exclamation-sign" style="background-size:
18px; height: 18px; width: 18px; margin-bottom: 2px;"></i> Warning</h4>
<h2 style="margin: 16px 0;">Suspected Phishing</h2> <strong>This website has been reported for potential phishing.</strong>
<p>Phishing is when a site attempts to steal sensitive information by falsely presenting as a safe source.</p>
<div style="display: flex; align-items: center;"> <p> <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/"
class="cf-btn" style="background-color: #404040; color: #fff; border: 0;">Learn More</a>
<form action="/cdn-cgi/phish-bypass" method="GET" enctype="text/plain"> <input type="hidden" name="atok"
value="71Za1bMT4p7rZalhixa.l.bxuLqtqavi.hc0woY.dYQ-1734782322-0.0.1.1-/int_clp_ldr_sha.txt"> <button
type="submit" class="cf-btn cf-btn-danger" style="color: #bd2426; background: transparent;" data-translate="dismiss_and_enter">Ignore
& Proceed</button> </form> </p> </div> </div>
</div> </div><!-- /.section --> <div id="ts-blocks" style="display:none;"></div> <div class="cf-error-footer
cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300">
<p class="text-13"> <span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">8f57b3ae1fec0fa0</strong></span>
<span class="cf-footer-separator sm:hidden">•</span> <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block
sm:mb-1"> Your IP: <button type="button" id="cf-footer-ip-reveal" class="cf-footer-ip-reveal-btn">Click to reveal</button>
<span class="hidden" id="cf-footer-ip">8.46.123.189</span> <span class="cf-footer-separator sm:hidden">•</span>
</span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance & security by</span> <a rel="noopener noreferrer"
href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a></span> </p> <script>(function(){function
d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classList.remove("hidden"),c.addEventListener("click",function(){c.classList.add("hidden");a.getElementById("cf-footer-ip").classList.remove("hidden")}))}var
a=document;document.addEventListener&&a.addEventListener("DOMContentLoaded",d)})();</script> </div><!-- /.error-footer -->
</div><!-- /#cf-error-details --> </div><!-- /#cf-wrapper --> <script> window._cf_translation = {}; </script>
</body> </html>
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://principledjs.click/api
|
172.67.187.214
|
|
|
|
principledjs.click
|
|
||
|
https://www.cloudflare.com/learning/access-management/phishing-attack/
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/upgradeini/upgrade.ini
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://kliptizq.shop/
|
unknown
|
||
|
necklacebudi.lat
|
|||
|
https://principledjs.click/apird
|
unknown
|
||
|
https://kliptizq.shop/int_clp_ldr_sha.txtG21O
|
unknown
|
||
|
https://www.cloudflare.com/learning/access-management/phishhZ
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://kliptizq.shop/(O
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
aspecteirs.lat
|
|||
|
https://www.cloudflare.com/learning/access-management/phishing-attack/class=cf-btnstyle=background-c
|
unknown
|
||
|
http://www.winxdvd.com/specialoffer/latest_giveaway_addBuy
|
unknown
|
||
|
https://principledjs.click:443/api=T
|
unknown
|
||
|
http://www.winxdvd.com/
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/buy.htm?dcp_beginbeuiafterafuiopenUsing_Trial_CopyThis
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/buy.htm?dcpregisteropenRegistered_SuccessfullyRegistered
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/free-update.htm?chlic13open
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
https://www.cloudflare.com/learning/access-management/phish
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
sustainskelet.lat
|
|||
|
https://www.cloudflare.com/5xx-error-landinghZ
|
unknown
|
||
|
crosshuaht.lat
|
|||
|
http://www.winxdvd.com/specialoffer/old_giveaway_addBuy
|
unknown
|
||
|
rapeflowwj.lat
|
|||
|
http://www.winxdvd.com/dvd-copy-pro/upgradeini/upgrade.iniupgrade.iniD=
|
unknown
|
||
|
https://support.mozilla.org/products/firefoxgro.all
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/registered-update.htmlatest_reg_addEnjoy
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/buy.htmlatest_unreg_addBuy
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/faq.htm1http://www.winxdvd.com/dvd-copy-pro/updatelog.htm9http:/
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://www.winxdvd.com/
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/registered-update.htmThe
|
unknown
|
||
|
https://principledjs.click/apiz
|
unknown
|
||
|
https://www.cloudflare.com/learning/access-management/phishing-atX)
|
unknown
|
||
|
https://principledjs.click:443/api.default-release/key4.dbPK
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/registered-update.htmold_reg_addUpdate
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://crl.rootca1.amazontrust.com/rootca1.crl0
|
unknown
|
||
|
https://principledjs.click:443/apiTU
|
unknown
|
||
|
https://kliptizq.shop/int_clp_ldr_sha.txtR3#O
|
unknown
|
||
|
http://ocsp.rootca1.amazontrust.com0:
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
energyaffai.lat
|
|||
|
http://www.winxdvd.com
|
unknown
|
||
|
https://principledjs.click:443/api
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
|
unknown
|
||
|
https://kliptizq.shop:443/int_clp_ldr_sha.txt
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/registered-update.htm
|
unknown
|
||
|
https://www.cloudflare.com/5xx-error-landing
|
unknown
|
||
|
https://www.cloudflare.com/5xx-error-landingid=brand_linktarget=_blank
|
unknown
|
||
|
https://www.winxdvd.com/Help_Filehelp.chm.chmhelpopenInit_CDROMCD-ROM
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://kliptizq.shop/int_clp_ldr_sha.txtg
|
unknown
|
||
|
https://kliptizq.shop/int_clp_ldr_sha.txt
|
172.67.191.144
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
https://support.microsof
|
unknown
|
||
|
http://crt.rootca1.amazontrust.com/rootca1.cer0?
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/free-update.htm
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/buy.htmold_unreg_addBuy
|
unknown
|
||
|
https://principledjs.click/
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
grannyejh.lat
|
|||
|
discokeyus.lat
|
|||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.winxdvd.com/dvd-copy-pro/download.htm7http://www.winxdvd.com/help/how-to-use-dvd-copy-pro
|
unknown
|
||
|
https://www.cloudflare.com/5xx-error-landingmance
|
unknown
|
There are 70 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
principledjs.click
|
172.67.187.214
|
|
|
|
kliptizq.shop
|
172.67.191.144
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.187.214
|
principledjs.click
|
United States
|
|
|
|
172.67.191.144
|
kliptizq.shop
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1000000
|
heap
|
page read and write
|
||
|
3FBA000
|
trusted library allocation
|
page read and write
|
||
|
67EE000
|
stack
|
page read and write
|
||
|
6D9E000
|
heap
|
page read and write
|
||
|
46DF000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
remote allocation
|
page read and write
|
||
|
3F93000
|
trusted library allocation
|
page read and write
|
||
|
3D33000
|
trusted library allocation
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
1B8000
|
stack
|
page read and write
|
||
|
3F86000
|
trusted library allocation
|
page read and write
|
||
|
4012000
|
trusted library allocation
|
page read and write
|
||
|
4EF000
|
heap
|
page read and write
|
||
|
48AF000
|
trusted library allocation
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
7A90000
|
heap
|
page read and write
|
||
|
4027000
|
trusted library allocation
|
page read and write
|
||
|
4130000
|
trusted library allocation
|
page read and write
|
||
|
2CAA000
|
direct allocation
|
page read and write
|
||
|
4122000
|
trusted library allocation
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
3F85000
|
trusted library allocation
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
3F80000
|
trusted library allocation
|
page read and write
|
||
|
4025000
|
trusted library allocation
|
page read and write
|
||
|
3FFD000
|
trusted library allocation
|
page read and write
|
||
|
409A000
|
trusted library allocation
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
458000
|
heap
|
page read and write
|
||
|
359D000
|
stack
|
page read and write
|
||
|
7070000
|
trusted library allocation
|
page read and write
|
||
|
3FD3000
|
trusted library allocation
|
page read and write
|
||
|
6B2E000
|
stack
|
page read and write
|
||
|
3FBE000
|
trusted library allocation
|
page read and write
|
||
|
3FC6000
|
trusted library allocation
|
page read and write
|
||
|
3F9F000
|
trusted library allocation
|
page read and write
|
||
|
400A000
|
trusted library allocation
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
40C8000
|
trusted library allocation
|
page read and write
|
||
|
3F70000
|
trusted library allocation
|
page read and write
|
||
|
3FB8000
|
trusted library allocation
|
page read and write
|
||
|
573000
|
heap
|
page read and write
|
||
|
7030000
|
trusted library allocation
|
page read and write
|
||
|
400D000
|
trusted library allocation
|
page read and write
|
||
|
3FF2000
|
trusted library allocation
|
page read and write
|
||
|
3F7D000
|
trusted library allocation
|
page read and write
|
||
|
3F9D000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
trusted library allocation
|
page read and write
|
||
|
6765000
|
heap
|
page execute and read and write
|
||
|
3F76000
|
trusted library allocation
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
57F000
|
heap
|
page read and write
|
||
|
3DDE000
|
stack
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FBB000
|
trusted library allocation
|
page read and write
|
||
|
47D8000
|
trusted library allocation
|
page read and write
|
||
|
3FA5000
|
trusted library allocation
|
page read and write
|
||
|
3F79000
|
trusted library allocation
|
page read and write
|
||
|
40D2000
|
trusted library allocation
|
page read and write
|
||
|
3F98000
|
trusted library allocation
|
page read and write
|
||
|
3FB8000
|
trusted library allocation
|
page read and write
|
||
|
48EC000
|
trusted library allocation
|
page read and write
|
||
|
41EA000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
3FD6000
|
trusted library allocation
|
page read and write
|
||
|
6E9E000
|
stack
|
page read and write
|
||
|
6BF000
|
stack
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
3F9B000
|
trusted library allocation
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
3C80000
|
trusted library allocation
|
page read and write
|
||
|
3F78000
|
trusted library allocation
|
page read and write
|
||
|
3F7E000
|
trusted library allocation
|
page read and write
|
||
|
3F7A000
|
trusted library allocation
|
page read and write
|
||
|
407B000
|
trusted library allocation
|
page read and write
|
||
|
45E2000
|
trusted library allocation
|
page read and write
|
||
|
F92000
|
heap
|
page read and write
|
||
|
3F8E000
|
trusted library allocation
|
page read and write
|
||
|
3FFD000
|
trusted library allocation
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
A7A000
|
unkown
|
page readonly
|
||
|
4007000
|
trusted library allocation
|
page read and write
|
||
|
3FE4000
|
trusted library allocation
|
page read and write
|
||
|
3F9B000
|
trusted library allocation
|
page read and write
|
||
|
6BEE000
|
stack
|
page read and write
|
||
|
3FAE000
|
trusted library allocation
|
page read and write
|
||
|
4E3000
|
heap
|
page read and write
|
||
|
3F9A000
|
trusted library allocation
|
page read and write
|
||
|
70A0000
|
trusted library allocation
|
page read and write
|
||
|
3F9B000
|
trusted library allocation
|
page read and write
|
||
|
4014000
|
trusted library allocation
|
page read and write
|
||
|
27DF000
|
stack
|
page read and write
|
||
|
6EB0000
|
heap
|
page execute and read and write
|
||
|
3F3F000
|
stack
|
page read and write
|
||
|
6D94000
|
heap
|
page read and write
|
||
|
663E000
|
stack
|
page read and write
|
||
|
FFE000
|
heap
|
page read and write
|
||
|
3FCC000
|
trusted library allocation
|
page read and write
|
||
|
3FC7000
|
trusted library allocation
|
page read and write
|
||
|
9D7000
|
unkown
|
page write copy
|
||
|
2CC9000
|
direct allocation
|
page read and write
|
||
|
6B6E000
|
stack
|
page read and write
|
||
|
415A000
|
trusted library allocation
|
page read and write
|
||
|
3C7F000
|
stack
|
page read and write
|
||
|
FDF000
|
heap
|
page read and write
|
||
|
F8D000
|
heap
|
page read and write
|
||
|
3FD4000
|
trusted library allocation
|
page read and write
|
||
|
3F8B000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
F55000
|
heap
|
page read and write
|
||
|
4BB000
|
heap
|
page read and write
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
3D37000
|
trusted library allocation
|
page read and write
|
||
|
3FCD000
|
trusted library allocation
|
page read and write
|
||
|
3F9C000
|
trusted library allocation
|
page read and write
|
||
|
2CA2000
|
direct allocation
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
9D3000
|
unkown
|
page readonly
|
||
|
6970000
|
heap
|
page read and write
|
||
|
414A000
|
trusted library allocation
|
page read and write
|
||
|
3FD9000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
3FC4000
|
trusted library allocation
|
page read and write
|
||
|
3FDD000
|
trusted library allocation
|
page read and write
|
||
|
1003000
|
heap
|
page read and write
|
||
|
929000
|
unkown
|
page write copy
|
||
|
4024000
|
trusted library allocation
|
page read and write
|
||
|
3FD6000
|
trusted library allocation
|
page read and write
|
||
|
3F83000
|
trusted library allocation
|
page read and write
|
||
|
3FC6000
|
trusted library allocation
|
page read and write
|
||
|
2C61000
|
direct allocation
|
page read and write
|
||
|
55A9000
|
trusted library allocation
|
page read and write
|
||
|
3F7F000
|
trusted library allocation
|
page read and write
|
||
|
1003000
|
heap
|
page read and write
|
||
|
4007000
|
trusted library allocation
|
page read and write
|
||
|
3FEE000
|
trusted library allocation
|
page read and write
|
||
|
6BAE000
|
stack
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
3F9A000
|
trusted library allocation
|
page read and write
|
||
|
3FB4000
|
trusted library allocation
|
page read and write
|
||
|
3F9B000
|
trusted library allocation
|
page read and write
|
||
|
4927000
|
trusted library allocation
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
451E000
|
stack
|
page read and write
|
||
|
3FB9000
|
trusted library allocation
|
page read and write
|
||
|
405E000
|
stack
|
page read and write
|
||
|
3F78000
|
trusted library allocation
|
page read and write
|
||
|
65FE000
|
stack
|
page read and write
|
||
|
36CE000
|
trusted library allocation
|
page read and write
|
||
|
3F7D000
|
trusted library allocation
|
page read and write
|
||
|
3FCE000
|
trusted library allocation
|
page read and write
|
||
|
C3C000
|
unkown
|
page readonly
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
3FAC000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
3F95000
|
trusted library allocation
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
3FBA000
|
trusted library allocation
|
page read and write
|
||
|
3FD3000
|
trusted library allocation
|
page read and write
|
||
|
3F9D000
|
trusted library allocation
|
page read and write
|
||
|
355E000
|
stack
|
page read and write
|
||
|
4570000
|
heap
|
page execute and read and write
|
||
|
3F9F000
|
trusted library allocation
|
page read and write
|
||
|
1003000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
488A000
|
trusted library allocation
|
page read and write
|
||
|
3F71000
|
trusted library allocation
|
page read and write
|
||
|
F4F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6C22000
|
heap
|
page read and write
|
||
|
3FA8000
|
trusted library allocation
|
page read and write
|
||
|
696B000
|
stack
|
page read and write
|
||
|
3F83000
|
trusted library allocation
|
page read and write
|
||
|
3FEC000
|
trusted library allocation
|
page read and write
|
||
|
3FBB000
|
trusted library allocation
|
page read and write
|
||
|
3FEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FC6000
|
trusted library allocation
|
page read and write
|
||
|
4986000
|
trusted library allocation
|
page read and write
|
||
|
3F79000
|
trusted library allocation
|
page read and write
|
||
|
3FB4000
|
trusted library allocation
|
page read and write
|
||
|
3FB7000
|
trusted library allocation
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
3FD3000
|
trusted library allocation
|
page read and write
|
||
|
2C85000
|
direct allocation
|
page read and write
|
||
|
3F85000
|
trusted library allocation
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
3F82000
|
trusted library allocation
|
page read and write
|
||
|
3E3E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
A76000
|
unkown
|
page readonly
|
||
|
17C000
|
stack
|
page read and write
|
||
|
2C68000
|
direct allocation
|
page read and write
|
||
|
68EB000
|
stack
|
page read and write
|
||
|
3F78000
|
trusted library allocation
|
page read and write
|
||
|
44CD000
|
stack
|
page read and write
|
||
|
9C3000
|
unkown
|
page read and write
|
||
|
3F96000
|
trusted library allocation
|
page read and write
|
||
|
3FC0000
|
trusted library allocation
|
page read and write
|
||
|
3FD6000
|
trusted library allocation
|
page read and write
|
||
|
3FF5000
|
trusted library allocation
|
page execute and read and write
|
||
|
3181000
|
heap
|
page read and write
|
||
|
3FBB000
|
trusted library allocation
|
page read and write
|
||
|
3F9F000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
3181000
|
heap
|
page read and write
|
||
|
3FD6000
|
trusted library allocation
|
page read and write
|
||
|
3F8B000
|
trusted library allocation
|
page read and write
|
||
|
3F96000
|
trusted library allocation
|
page read and write
|
||
|
3CDE000
|
stack
|
page read and write
|
||
|
3FF4000
|
trusted library allocation
|
page read and write
|
||
|
7AC0000
|
trusted library allocation
|
page read and write
|
||
|
4152000
|
trusted library allocation
|
page read and write
|
||
|
3FEC000
|
trusted library allocation
|
page read and write
|
||
|
9C6000
|
unkown
|
page read and write
|
||
|
692E000
|
stack
|
page read and write
|
||
|
3F83000
|
trusted library allocation
|
page read and write
|
||
|
38FE000
|
stack
|
page read and write
|
||
|
4010000
|
trusted library allocation
|
page read and write
|
||
|
3FD0000
|
trusted library allocation
|
page read and write
|
||
|
5589000
|
trusted library allocation
|
page read and write
|
||
|
4007000
|
trusted library allocation
|
page read and write
|
||
|
3F77000
|
trusted library allocation
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
3F76000
|
trusted library allocation
|
page read and write
|
||
|
3FD6000
|
trusted library allocation
|
page read and write
|
||
|
6F7E000
|
stack
|
page read and write
|
||
|
3FBB000
|
trusted library allocation
|
page read and write
|
||
|
48E1000
|
trusted library allocation
|
page read and write
|
||
|
47F0000
|
trusted library allocation
|
page read and write
|
||
|
4007000
|
trusted library allocation
|
page read and write
|
||
|
4081000
|
trusted library allocation
|
page read and write
|
||
|
9D3000
|
unkown
|
page readonly
|
||
|
3F9A000
|
trusted library allocation
|
page read and write
|
||
|
3FD7000
|
trusted library allocation
|
page read and write
|
||
|
3F90000
|
trusted library allocation
|
page read and write
|
||
|
3FB1000
|
trusted library allocation
|
page read and write
|
||
|
3F95000
|
trusted library allocation
|
page read and write
|
||
|
402D000
|
trusted library allocation
|
page read and write
|
||
|
6D8A000
|
heap
|
page read and write
|
||
|
3FDC000
|
trusted library allocation
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
2C8C000
|
direct allocation
|
page read and write
|
||
|
6D60000
|
heap
|
page read and write
|
||
|
2C53000
|
direct allocation
|
page read and write
|
||
|
3FC4000
|
trusted library allocation
|
page read and write
|
||
|
9D8000
|
unkown
|
page readonly
|
||
|
6EA0000
|
trusted library allocation
|
page read and write
|
||
|
3A3E000
|
stack
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
3F83000
|
trusted library allocation
|
page read and write
|
||
|
3F7F000
|
trusted library allocation
|
page read and write
|
||
|
6D77000
|
heap
|
page read and write
|
||
|
3F8C000
|
trusted library allocation
|
page read and write
|
||
|
3F79000
|
trusted library allocation
|
page read and write
|
||
|
3F96000
|
trusted library allocation
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
3FB3000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
3F9B000
|
trusted library allocation
|
page read and write
|
||
|
67AE000
|
stack
|
page read and write
|
||
|
3F96000
|
trusted library allocation
|
page read and write
|
||
|
3F79000
|
trusted library allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
3F84000
|
trusted library allocation
|
page read and write
|
||
|
3FBB000
|
trusted library allocation
|
page read and write
|
||
|
3FF6000
|
trusted library allocation
|
page read and write
|
||
|
3FB6000
|
trusted library allocation
|
page read and write
|
||
|
670D000
|
stack
|
page read and write
|
||
|
3FF4000
|
trusted library allocation
|
page read and write
|
||
|
FD9000
|
heap
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
FFA000
|
heap
|
page read and write
|
||
|
7080000
|
trusted library allocation
|
page read and write
|
||
|
3F71000
|
trusted library allocation
|
page read and write
|
||
|
3FB4000
|
trusted library allocation
|
page read and write
|
||
|
3FA4000
|
trusted library allocation
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
trusted library allocation
|
page read and write
|
||
|
3F95000
|
trusted library allocation
|
page read and write
|
||
|
667F000
|
stack
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
FF9000
|
heap
|
page read and write
|
||
|
2C5A000
|
direct allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
3F71000
|
trusted library allocation
|
page read and write
|
||
|
3F90000
|
trusted library allocation
|
page read and write
|
||
|
40B2000
|
trusted library allocation
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
3F71000
|
trusted library allocation
|
page read and write
|
||
|
6DB7000
|
heap
|
page read and write
|
||
|
3FAB000
|
trusted library allocation
|
page read and write
|
||
|
400A000
|
trusted library allocation
|
page read and write
|
||
|
3F95000
|
trusted library allocation
|
page read and write
|
||
|
2A83000
|
heap
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
4879000
|
trusted library allocation
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
6E5E000
|
stack
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
2CC1000
|
direct allocation
|
page read and write
|
||
|
2C94000
|
direct allocation
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
3F83000
|
trusted library allocation
|
page read and write
|
||
|
3B7E000
|
stack
|
page read and write
|
||
|
3FC4000
|
trusted library allocation
|
page read and write
|
||
|
6F3F000
|
stack
|
page read and write
|
||
|
4864000
|
trusted library allocation
|
page read and write
|
||
|
3F7A000
|
trusted library allocation
|
page read and write
|
||
|
3FAC000
|
trusted library allocation
|
page read and write
|
||
|
5581000
|
trusted library allocation
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
95B000
|
unkown
|
page read and write
|
||
|
3FB9000
|
trusted library allocation
|
page read and write
|
||
|
3F86000
|
trusted library allocation
|
page read and write
|
||
|
3FFC000
|
trusted library allocation
|
page read and write
|
||
|
3F89000
|
trusted library allocation
|
page read and write
|
||
|
3F9F000
|
trusted library allocation
|
page read and write
|
||
|
3FE0000
|
trusted library allocation
|
page read and write
|
||
|
3F90000
|
trusted library allocation
|
page read and write
|
||
|
3FA5000
|
trusted library allocation
|
page read and write
|
||
|
3FA9000
|
trusted library allocation
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
3F7D000
|
trusted library allocation
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
2C4C000
|
direct allocation
|
page read and write
|
||
|
37BD000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
3FAC000
|
trusted library allocation
|
page read and write
|
||
|
3B3F000
|
stack
|
page read and write
|
||
|
3F9A000
|
trusted library allocation
|
page read and write
|
||
|
3FBE000
|
trusted library allocation
|
page read and write
|
||
|
3FD4000
|
trusted library allocation
|
page read and write
|
||
|
3FA8000
|
trusted library allocation
|
page read and write
|
||
|
FED000
|
heap
|
page read and write
|
||
|
3F90000
|
trusted library allocation
|
page read and write
|
||
|
3FA7000
|
trusted library allocation
|
page read and write
|
||
|
3FAB000
|
trusted library allocation
|
page read and write
|
||
|
3F7D000
|
trusted library allocation
|
page read and write
|
||
|
3F7B000
|
trusted library allocation
|
page read and write
|
||
|
38BE000
|
stack
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F83000
|
trusted library allocation
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
4007000
|
trusted library allocation
|
page read and write
|
||
|
6DA3000
|
heap
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page read and write
|
||
|
3FCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
2D20000
|
remote allocation
|
page read and write
|
||
|
2D20000
|
remote allocation
|
page read and write
|
||
|
1176000
|
heap
|
page read and write
|
||
|
10E0000
|
direct allocation
|
page execute and read and write
|
||
|
2CBA000
|
direct allocation
|
page read and write
|
||
|
39FF000
|
stack
|
page read and write
|
||
|
3FC5000
|
trusted library allocation
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
6760000
|
heap
|
page execute and read and write
|
||
|
674B000
|
stack
|
page read and write
|
||
|
3FA8000
|
trusted library allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
3F7D000
|
trusted library allocation
|
page read and write
|
||
|
94E000
|
unkown
|
page read and write
|
||
|
48C0000
|
trusted library allocation
|
page read and write
|
||
|
6D7D000
|
heap
|
page read and write
|
||
|
455E000
|
stack
|
page read and write
|
||
|
3FAB000
|
trusted library allocation
|
page read and write
|
||
|
4140000
|
heap
|
page read and write
|
||
|
68AD000
|
stack
|
page read and write
|
||
|
3FC6000
|
trusted library allocation
|
page read and write
|
||
|
3F9F000
|
trusted library allocation
|
page read and write
|
||
|
3F73000
|
trusted library allocation
|
page read and write
|
||
|
400D000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
3FD9000
|
trusted library allocation
|
page read and write
|
||
|
7AD0000
|
heap
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
3F89000
|
trusted library allocation
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
3FF0000
|
trusted library allocation
|
page read and write
|
||
|
929000
|
unkown
|
page read and write
|
||
|
3F96000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page read and write
|
||
|
866B000
|
trusted library allocation
|
page read and write
|
||
|
4120000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C77000
|
direct allocation
|
page read and write
|
||
|
3EF8000
|
trusted library allocation
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
49BF000
|
trusted library allocation
|
page read and write
|
||
|
3F87000
|
trusted library allocation
|
page read and write
|
||
|
40B0000
|
heap
|
page readonly
|
||
|
2C9B000
|
direct allocation
|
page read and write
|
||
|
6FBD000
|
stack
|
page read and write
|
||
|
3F95000
|
trusted library allocation
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
3FB2000
|
trusted library allocation
|
page read and write
|
||
|
6D4E000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
3FBB000
|
trusted library allocation
|
page read and write
|
||
|
55E7000
|
trusted library allocation
|
page read and write
|
||
|
40AF000
|
stack
|
page read and write
|
||
|
682D000
|
stack
|
page read and write
|
||
|
7050000
|
trusted library allocation
|
page read and write
|
||
|
3FA8000
|
trusted library allocation
|
page read and write
|
||
|
3FA5000
|
trusted library allocation
|
page read and write
|
||
|
411C000
|
stack
|
page read and write
|
||
|
65BE000
|
stack
|
page read and write
|
||
|
4581000
|
trusted library allocation
|
page read and write
|
||
|
489D000
|
trusted library allocation
|
page read and write
|
||
|
F1A000
|
heap
|
page read and write
|
||
|
3FC2000
|
trusted library allocation
|
page read and write
|
||
|
3FBB000
|
trusted library allocation
|
page read and write
|
||
|
3FAB000
|
trusted library allocation
|
page read and write
|
||
|
3FC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FED000
|
trusted library allocation
|
page read and write
|
||
|
6D39000
|
heap
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
2C7E000
|
direct allocation
|
page read and write
|
||
|
3FCC000
|
trusted library allocation
|
page read and write
|
||
|
686A000
|
stack
|
page read and write
|
There are 417 hidden memdumps, click here to show them.