IOC Report
Setup.exe

loading gif

Files

File Path
Type
Category
Malicious
Setup.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
malicious
C:\Users\user\AppData\Local\Temp\124531\Designing.com
PE32 executable (GUI) Intel 80386, for MS Windows
modified
malicious
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
dropped
C:\Users\user\AppData\Local\Temp\124531\z
data
dropped
C:\Users\user\AppData\Local\Temp\Airplane
data
dropped
C:\Users\user\AppData\Local\Temp\Brunette
Atari 68xxx CPX file (version 0064)
dropped
C:\Users\user\AppData\Local\Temp\Conclusion
data
dropped
C:\Users\user\AppData\Local\Temp\Consist
data
dropped
C:\Users\user\AppData\Local\Temp\Distinction
data
dropped
C:\Users\user\AppData\Local\Temp\Earnings
data
dropped
C:\Users\user\AppData\Local\Temp\French
data
dropped
C:\Users\user\AppData\Local\Temp\Hormone
data
dropped
C:\Users\user\AppData\Local\Temp\Immediately
data
dropped
C:\Users\user\AppData\Local\Temp\Lance
data
dropped
C:\Users\user\AppData\Local\Temp\Like
data
dropped
C:\Users\user\AppData\Local\Temp\Lt
Microsoft Cabinet archive data, 488491 bytes, 11 files, at 0x2c +A "Brunette" +A "Consist", ID 8064, number 1, 29 datablocks, 0x1 compression
dropped
C:\Users\user\AppData\Local\Temp\Luxury
data
dropped
C:\Users\user\AppData\Local\Temp\Needs
data
dropped
C:\Users\user\AppData\Local\Temp\Physical
ASCII text, with very long lines (723), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Physical.cmd (copy)
ASCII text, with very long lines (723), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Placing
data
dropped
C:\Users\user\AppData\Local\Temp\Rendered
data
dropped
C:\Users\user\AppData\Local\Temp\Rough
data
dropped
C:\Users\user\AppData\Local\Temp\Selected
data
dropped
C:\Users\user\AppData\Local\Temp\Sun
data
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gek1k2np.hie.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lxwjq1b1.fvr.psm1
ASCII text, with no line terminators
dropped
There are 17 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\Setup.exe
"C:\Users\user\Desktop\Setup.exe"
malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c move Physical Physical.cmd & Physical.cmd
malicious
C:\Windows\SysWOW64\findstr.exe
findstr /I "opssvc wrsa"
malicious
C:\Windows\SysWOW64\findstr.exe
findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth"
malicious
C:\Windows\SysWOW64\cmd.exe
cmd /c md 124531
malicious
C:\Windows\SysWOW64\findstr.exe
findstr /V "Heater" Lance
malicious
C:\Windows\SysWOW64\cmd.exe
cmd /c copy /b ..\Needs + ..\Conclusion + ..\Rendered + ..\French + ..\Selected + ..\Hormone + ..\Rough z
malicious
C:\Users\user\AppData\Local\Temp\124531\Designing.com
Designing.com z
malicious
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -exec bypass <!DOCTYPE html> <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]--> <!--[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]--> <head> <title>Suspected phishing site | Cloudflare</title> <meta charset="UTF-8" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=Edge" /> <meta name="robots" content="noindex, nofollow" /> <meta name="viewport" content="width=device-width,initial-scale=1" /> <link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" /> <!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]--> <style>body{margin:0;padding:0}</style> <!--[if gte IE 10]><!--> <script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById('cookie-alert'); cookieEl.style.display = 'block'; }) } </script> <!--<![endif]--> </head> <body> <div id="cf-wrapper"> <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div> <div id="cf-error-details" class="cf-error-details-wrapper"> <div class="cf-section cf-wrapper" style="margin-top: 100px;margin-bottom:200px;"> <div class="cf-columns one"> <div class="cf-column"> <h4 class="cf-text-error"><i class="cf-icon-exclamation-sign" style="background-size: 18px; height: 18px; width: 18px; margin-bottom: 2px;"></i> Warning</h4> <h2 style="margin: 16px 0;">Suspected Phishing</h2> <strong>This website has been reported for potential phishing.</strong> <p>Phishing is when a site attempts to steal sensitive information by falsely presenting as a safe source.</p> <div style="display: flex; align-items: center;"> <p> <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn" style="background-color: #404040; color: #fff; border: 0;">Learn More</a> <form action="/cdn-cgi/phish-bypass" method="GET" enctype="text/plain"> <input type="hidden" name="atok" value="BXbnWZevLkHtdOsp9HK3kFhiUmjhb_D.556JPjN0VJs-1734906557-0.0.1.1-/int_clp_ldr_sha.txt"> <button type="submit" class="cf-btn cf-btn-danger" style="color: #bd2426; background: transparent;" data-translate="dismiss_and_enter">Ignore & Proceed</button> </form> </p> </div> </div> </div> </div><!-- /.section --> <div id="ts-blocks" style="display:none;"></div> <div class="cf-error-footer cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300"> <p class="text-13"> <span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">8f638cc2ab095e5f</strong></span> <span class="cf-footer-separator sm:hidden">&bull;</span> <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block sm:mb-1"> Your IP: <button type="button" id="cf-footer-ip-reveal" class="cf-footer-ip-reveal-btn">Click to reveal</button> <span class="hidden" id="cf-footer-ip">8.46.123.189</span> <span class="cf-footer-separator sm:hidden">&bull;</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance &amp; security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a></span> </p> <script>(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classList.remove("hidden"),c.addEventListener("click",function(){c.classList.add("hidden");a.getElementById("cf-footer-ip").classList.remove("hidden")}))}var a=document;document.addEventListener&&a.addEventListener("DOMContentLoaded",d)})();</script> </div><!-- /.error-footer --> </div><!-- /#cf-error-details --> </div><!-- /#cf-wrapper --> <script> window._cf_translation = {}; </script> </body> </html>
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\extrac32.exe
extrac32 /Y /E Lt
C:\Windows\SysWOW64\choice.exe
choice /d y /t 5
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 5 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://quantitypitt.click/api
172.67.186.189
malicious
quantitypitt.click
malicious
https://www.cloudflare.com/learning/access-management/phishing-attack/
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://kliptizq.shop/int_clp_ldr_sha.txtC
unknown
necklacebudi.lat
https://kliptizq.shop/int_clp_ldr_sha.txtM
unknown
http://ocsps.ssl.com0
unknown
https://www.cloudflare.com/learning/access-management/phishhZ
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl0
unknown
https://kliptizq.shop:443/int_clp_ldr_sha.txtge
unknown
aspecteirs.lat
http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer0_
unknown
https://www.cloudflare.com/learning/access-management/phishing-attack/class=cf-btnstyle=background-c
unknown
https://www.autoitscript.com/autoit3/
unknown
http://crls.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.crl0
unknown
https://neqi.shop/sdgjyut/psh.txt
unknown
https://aka.ms/pscore6lB
unknown
https://quantitypitt.click:443/api
unknown
http://x1.c.lencr.org/0
unknown
http://x1.i.lencr.org/0
unknown
https://www.cloudflare.com/learning/access-management/phish
unknown
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
unknown
https://www.ssl.com/repository0
unknown
sustainskelet.lat
https://www.cloudflare.com/5xx-error-landinghZ
unknown
crosshuaht.lat
rapeflowwj.lat
https://support.mozilla.org/products/firefoxgro.all
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
https://kliptizq.shop/Z
unknown
https://quantitypitt.click:443/apiK
unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
https://quantitypitt.click/
unknown
https://www.cloudflare.com/learning/access-management/phishing-atX)
unknown
https://quantitypitt.click:443/apiicrosoft
unknown
https://neqi.shop/
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
http://crl.rootca1.amazontrust.com/rootca1.crl0
unknown
http://www.autoitscript.com/autoit3/X
unknown
http://ocsp.rootca1.amazontrust.com0:
unknown
http://nsis.sf.net/NSIS_ErrorError
unknown
energyaffai.lat
https://quantitypitt.click/apik
unknown
https://www.ecosia.org/newtab/
unknown
https://kliptizq.shop/9
unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
unknown
https://www.cloudflare.com/5xx-error-landing
unknown
https://www.cloudflare.com/5xx-error-landingid=brand_linktarget=_blank
unknown
https://ac.ecosia.org/autocomplete?q=
unknown
https://kliptizq.shop/int_clp_ldr_sha.txt
172.67.191.144
http://crt.rootca1.amazontrust.com/rootca1.cer0?
unknown
https://neqi.shop/sdgjyut/psh.txtk
unknown
grannyejh.lat
discokeyus.lat
http://www.ssl.com/repository/SSLcom-RootCA-EV-RSA-4096-R2.crt0
unknown
https://quantitypitt.click/%
unknown
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
unknown
https://www.cloudflare.com/5xx-error-landingmance
unknown
There are 51 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
quantitypitt.click
172.67.186.189
malicious
kliptizq.shop
172.67.191.144
neqi.shop
194.58.112.174
qebHBVmGmKNLRBMHyOJv.qebHBVmGmKNLRBMHyOJv
unknown

IPs

IP
Domain
Country
Malicious
172.67.186.189
quantitypitt.click
United States
malicious
172.67.191.144
kliptizq.shop
United States
194.58.112.174
neqi.shop
Russian Federation

Memdumps

Base Address
Regiontype
Protect
Malicious
1A6F000
heap
page read and write
malicious
480D000
trusted library allocation
page read and write
8C0000
heap
page read and write
529C000
trusted library allocation
page read and write
7380000
trusted library allocation
page read and write
6C50000
heap
page read and write
26EE000
stack
page read and write
42CB000
trusted library allocation
page read and write
8AF000
heap
page read and write
42C4000
trusted library allocation
page read and write
7048000
heap
page read and write
2BF1000
heap
page read and write
4ACB000
trusted library allocation
page read and write
3E52000
heap
page read and write
48C1000
trusted library allocation
page read and write
480F000
trusted library allocation
page read and write
1726000
heap
page read and write
480C000
trusted library allocation
page read and write
4F7F000
stack
page read and write
48B8000
trusted library allocation
page read and write
48D2000
trusted library allocation
page read and write
474C000
stack
page read and write
466E000
stack
page read and write
B20000
heap
page read and write
307D000
heap
page read and write
8D0000
heap
page read and write
427C000
trusted library allocation
page read and write
D2E000
stack
page read and write
5F68000
trusted library allocation
page read and write
1ADB000
heap
page read and write
4B6F000
trusted library allocation
page read and write
3390000
heap
page read and write
9AC000
heap
page read and write
478E000
stack
page read and write
4192000
trusted library allocation
page read and write
3160000
heap
page read and write
729E000
stack
page read and write
E3D000
unkown
page readonly
4690000
heap
page read and write
9B5000
heap
page read and write
492F000
trusted library allocation
page read and write
41DE000
trusted library allocation
page read and write
47B0000
heap
page read and write
9BD000
heap
page read and write
D90000
heap
page read and write
416A000
trusted library allocation
page read and write
3E52000
heap
page read and write
CF0000
heap
page read and write
4101000
trusted library allocation
page read and write
4880000
remote allocation
page read and write
2BE7000
heap
page read and write
9AD000
heap
page read and write
4805000
trusted library allocation
page read and write
7C6000
heap
page read and write
C4C000
stack
page read and write
7DE000
stack
page read and write
FF4000
heap
page read and write
42E0000
trusted library allocation
page read and write
41DE000
trusted library allocation
page read and write
42AC000
trusted library allocation
page read and write
98000
stack
page read and write
42C2000
trusted library allocation
page read and write
70F0000
trusted library allocation
page read and write
4269000
trusted library allocation
page read and write
1AEB000
heap
page read and write
970000
heap
page read and write
3079000
heap
page read and write
3E52000
heap
page read and write
42BD000
trusted library allocation
page read and write
9A9000
heap
page read and write
2CC000
stack
page read and write
4609000
trusted library allocation
page read and write
57C1000
trusted library allocation
page read and write
4276000
trusted library allocation
page read and write
44F8000
trusted library allocation
page read and write
480D000
trusted library allocation
page read and write
409000
unkown
page readonly
620000
heap
page read and write
4A3E000
trusted library allocation
page read and write
81F000
stack
page read and write
3E52000
heap
page read and write
7EE0000
heap
page read and write
72C000
stack
page read and write
4800000
trusted library allocation
page read and write
44C2000
trusted library allocation
page read and write
19A000
stack
page read and write
9D4000
heap
page read and write
7089000
heap
page read and write
269E000
stack
page read and write
4804000
trusted library allocation
page read and write
42C000
unkown
page read and write
496B000
trusted library allocation
page read and write
BD0000
trusted library allocation
page read and write
71A0000
trusted library allocation
page read and write
850000
heap
page read and write
79E000
stack
page read and write
27EF000
stack
page read and write
4285000
trusted library allocation
page read and write
3E52000
heap
page read and write
4263000
trusted library allocation
page read and write
480B000
trusted library allocation
page read and write
480A000
trusted library allocation
page read and write
4261000
trusted library allocation
page read and write
3BE000
stack
page read and write
7320000
trusted library allocation
page read and write
4807000
trusted library allocation
page read and write
42C3000
trusted library allocation
page read and write
491E000
trusted library allocation
page read and write
42BB000
trusted library allocation
page read and write
4101000
trusted library allocation
page read and write
42BE000
trusted library allocation
page read and write
4401000
trusted library allocation
page read and write
2BE3000
heap
page read and write
4152000
trusted library allocation
page read and write
940000
heap
page read and write
3E52000
heap
page read and write
42D5000
trusted library allocation
page read and write
3E52000
heap
page read and write
42AE000
trusted library allocation
page read and write
4401000
trusted library allocation
page read and write
42ED000
trusted library allocation
page read and write
3E52000
heap
page read and write
480A000
trusted library allocation
page read and write
489A000
trusted library allocation
page read and write
44E1000
trusted library allocation
page read and write
2940000
heap
page read and write
707F000
heap
page read and write
419C000
trusted library allocation
page read and write
45CE000
trusted library allocation
page read and write
7350000
trusted library allocation
page read and write
4949000
trusted library allocation
page read and write
4285000
trusted library allocation
page read and write
1715000
heap
page read and write
48D4000
trusted library allocation
page read and write
4261000
trusted library allocation
page read and write
8BE000
heap
page read and write
7390000
trusted library allocation
page read and write
42A0000
trusted library allocation
page read and write
428D000
trusted library allocation
page read and write
2C03000
heap
page read and write
FA0000
trusted library allocation
page read and write
4401000
trusted library allocation
page read and write
706E000
heap
page read and write
42DB000
trusted library allocation
page read and write
AB5000
heap
page read and write
1AC5000
heap
page read and write
E6D000
unkown
page write copy
719E000
stack
page read and write
480A000
trusted library allocation
page read and write
A3F000
stack
page read and write
4B25000
trusted library allocation
page read and write
42A6000
trusted library allocation
page read and write
6ECE000
stack
page read and write
3E52000
heap
page read and write
48C1000
trusted library allocation
page read and write
48AE000
trusted library allocation
page read and write
3E52000
heap
page read and write
74E000
stack
page read and write
7D90000
trusted library allocation
page read and write
7083000
heap
page read and write
480F000
trusted library allocation
page read and write
5060000
heap
page read and write
42DB000
trusted library allocation
page read and write
DA1000
unkown
page execute read
48BF000
trusted library allocation
page read and write
4259000
trusted library allocation
page read and write
3FF000
stack
page read and write
7360000
trusted library allocation
page read and write
6A2B000
stack
page read and write
4273000
trusted library allocation
page read and write
540000
heap
page read and write
42A0000
trusted library allocation
page read and write
4401000
trusted library allocation
page read and write
42F5000
trusted library allocation
page read and write
42BD000
trusted library allocation
page read and write
419F000
trusted library allocation
page read and write
42CE000
trusted library allocation
page read and write
2C00000
heap
page read and write
2BEF000
heap
page read and write
895000
heap
page read and write
4800000
trusted library allocation
page read and write
15CE000
stack
page read and write
FA0000
trusted library allocation
page read and write
9F2000
heap
page read and write
4273000
trusted library allocation
page read and write
ECE000
stack
page read and write
4AA5000
trusted library allocation
page read and write
51CD000
trusted library allocation
page read and write
E6D000
unkown
page read and write
820000
heap
page read and write
63CD000
trusted library allocation
page read and write
409000
unkown
page readonly
500000
unkown
page readonly
492D000
trusted library allocation
page read and write
FA0000
trusted library allocation
page read and write
4273000
trusted library allocation
page read and write
6C60000
heap
page read and write
7340000
trusted library allocation
page read and write
680E000
stack
page read and write
4640000
trusted library allocation
page read and write
4622000
trusted library allocation
page read and write
3E52000
heap
page read and write
4339000
trusted library allocation
page read and write
308D000
heap
page read and write
4288000
trusted library allocation
page read and write
468E000
stack
page read and write
4EFF000
stack
page read and write
46B0000
heap
page read and write
16F0000
heap
page read and write
4262000
trusted library allocation
page read and write
498F000
trusted library allocation
page read and write
899000
heap
page read and write
435F000
trusted library allocation
page read and write
9EE000
stack
page read and write
7057000
heap
page read and write
48E0000
trusted library allocation
page read and write
514000
direct allocation
page execute and read and write
41DE000
trusted library allocation
page read and write
C84000
heap
page read and write
15EF000
stack
page read and write
4296000
trusted library allocation
page read and write
68D9000
trusted library allocation
page read and write
2C03000
heap
page read and write
6E8E000
stack
page read and write
4284000
trusted library allocation
page read and write
4401000
trusted library allocation
page read and write
6F01000
heap
page read and write
48C6000
trusted library allocation
page read and write
41ED000
trusted library allocation
page read and write
8B9000
heap
page read and write
6E4E000
stack
page read and write
978000
heap
page read and write
42BE000
trusted library allocation
page read and write
FC0000
direct allocation
page execute and read and write
2BD8000
heap
page read and write
1ADC000
heap
page read and write
4890000
trusted library allocation
page read and write
4802000
trusted library allocation
page read and write
900000
heap
page read and write
6BCE000
stack
page read and write
4806000
trusted library allocation
page read and write
41EB000
trusted library allocation
page read and write
7044000
heap
page read and write
760000
heap
page read and write
494B000
trusted library allocation
page read and write
C84000
heap
page read and write
480D000
trusted library allocation
page read and write
48C4000
trusted library allocation
page read and write
3E52000
heap
page read and write
1AE3000
heap
page read and write
6895000
heap
page execute and read and write
48C4000
trusted library allocation
page read and write
4295000
trusted library allocation
page read and write
4152000
trusted library allocation
page read and write
48E2000
trusted library allocation
page read and write
3E52000
heap
page read and write
69ED000
stack
page read and write
7027000
heap
page read and write
72F0000
trusted library allocation
page read and write
42EB000
trusted library allocation
page read and write
8B9000
heap
page read and write
4135000
trusted library allocation
page read and write
42BF000
trusted library allocation
page read and write
4201000
trusted library allocation
page read and write
D6F000
stack
page read and write
370000
heap
page read and write
46DF000
stack
page read and write
4801000
trusted library allocation
page read and write
640000
heap
page read and write
6E0E000
stack
page read and write
458C000
trusted library allocation
page read and write
429E000
trusted library allocation
page read and write
4279000
trusted library allocation
page read and write
42A4000
trusted library allocation
page read and write
401000
unkown
page execute read
C80000
heap
page read and write
303F000
stack
page read and write
3062000
heap
page read and write
48DB000
trusted library allocation
page read and write
4298000
trusted library allocation
page read and write
419A000
trusted library allocation
page read and write
695E000
stack
page read and write
6890000
heap
page execute and read and write
2EB0000
heap
page read and write
9A9000
heap
page read and write
46AF000
stack
page read and write
4339000
trusted library allocation
page read and write
305E000
heap
page read and write
75E000
stack
page read and write
721E000
stack
page read and write
4271000
trusted library allocation
page read and write
426B000
trusted library allocation
page read and write
419F000
trusted library allocation
page read and write
41DC000
trusted library allocation
page read and write
7074000
heap
page read and write
8AF000
heap
page read and write
4968000
trusted library allocation
page read and write
42E2000
trusted library allocation
page read and write
4898000
trusted library allocation
page read and write
4806000
trusted library allocation
page read and write
46E0000
heap
page read and write
2C03000
heap
page read and write
3E52000
heap
page read and write
461A000
trusted library allocation
page execute and read and write
3E52000
heap
page read and write
DA0000
unkown
page readonly
D3E000
stack
page read and write
E75000
unkown
page readonly
1AEC000
heap
page read and write
7000000
heap
page read and write
E71000
unkown
page write copy
AC0000
heap
page read and write
48B7000
trusted library allocation
page read and write
57E9000
trusted library allocation
page read and write
3083000
heap
page read and write
CEF000
stack
page read and write
4164000
trusted library allocation
page read and write
2F6C000
stack
page read and write
426F000
trusted library allocation
page read and write
7098000
heap
page read and write
2EB7000
heap
page read and write
49AD000
trusted library allocation
page read and write
42BF000
trusted library allocation
page read and write
429E000
trusted library allocation
page read and write
DF3000
trusted library allocation
page execute and read and write
4807000
trusted library allocation
page read and write
3E51000
heap
page read and write
715E000
stack
page read and write
41EB000
trusted library allocation
page read and write
48BE000
trusted library allocation
page read and write
4313000
trusted library allocation
page read and write
42E3000
trusted library allocation
page read and write
9AF000
stack
page read and write
4801000
trusted library allocation
page read and write
EE6000
heap
page read and write
44D1000
trusted library allocation
page read and write
4296000
trusted library allocation
page read and write
48A0000
trusted library allocation
page read and write
16F8000
heap
page read and write
2BC0000
heap
page read and write
92E000
stack
page read and write
48AD000
trusted library allocation
page read and write
4291000
trusted library allocation
page read and write
42A9000
trusted library allocation
page read and write
606D000
trusted library allocation
page read and write
4201000
trusted library allocation
page read and write
725E000
stack
page read and write
4288000
trusted library allocation
page read and write
3E52000
heap
page read and write
4339000
trusted library allocation
page read and write
691E000
stack
page read and write
C3A000
stack
page read and write
4801000
trusted library allocation
page read and write
4F3E000
stack
page read and write
6AAE000
stack
page read and write
401000
unkown
page execute read
48BD000
trusted library allocation
page read and write
6C4B000
stack
page read and write
4692000
trusted library allocation
page read and write
8B9000
heap
page read and write
71B0000
trusted library allocation
page execute and read and write
5F9F000
trusted library allocation
page read and write
ABE000
stack
page read and write
7C0000
heap
page read and write
710000
heap
page read and write
4401000
trusted library allocation
page read and write
5F1F000
trusted library allocation
page read and write
49BE000
trusted library allocation
page read and write
49C1000
trusted library allocation
page read and write
4802000
trusted library allocation
page read and write
7310000
trusted library allocation
page read and write
6A6E000
stack
page read and write
44F4000
trusted library allocation
page read and write
B00000
heap
page read and write
400000
unkown
page readonly
419F000
trusted library allocation
page read and write
48CC000
trusted library allocation
page read and write
5EFF000
trusted library allocation
page read and write
480D000
trusted library allocation
page read and write
3A9C000
heap
page read and write
DA0000
unkown
page readonly
5EE7000
trusted library allocation
page read and write
68E000
stack
page read and write
98F000
heap
page read and write
3E52000
heap
page read and write
4EBE000
stack
page read and write
88D000
heap
page read and write
920000
heap
page read and write
40C000
unkown
page read and write
48CA000
trusted library allocation
page read and write
4156000
trusted library allocation
page read and write
6E0000
heap
page read and write
427E000
trusted library allocation
page read and write
500000
unkown
page readonly
46BF000
trusted library allocation
page read and write
7E0000
heap
page read and write
4801000
trusted library allocation
page read and write
293F000
stack
page read and write
5030000
heap
page read and write
8AE000
heap
page read and write
45AA000
trusted library allocation
page read and write
4AF0000
trusted library allocation
page read and write
48D7000
trusted library allocation
page read and write
42C4000
trusted library allocation
page read and write
6C0E000
stack
page read and write
41D3000
trusted library allocation
page read and write
439C000
trusted library allocation
page read and write
433D000
trusted library allocation
page read and write
EE0000
heap
page read and write
3E52000
heap
page read and write
480F000
trusted library allocation
page read and write
429C000
trusted library allocation
page read and write
2C03000
heap
page read and write
8AC000
heap
page read and write
306C000
heap
page read and write
4625000
trusted library allocation
page execute and read and write
5ECE000
trusted library allocation
page read and write
7330000
trusted library allocation
page read and write
4809000
trusted library allocation
page read and write
42A5000
trusted library allocation
page read and write
2A60000
heap
page read and write
992000
heap
page read and write
428E000
trusted library allocation
page read and write
3E51000
heap
page read and write
4800000
trusted library allocation
page read and write
4807000
trusted library allocation
page read and write
4801000
trusted library allocation
page read and write
4610000
trusted library allocation
page read and write
3E52000
heap
page read and write
CB0000
heap
page read and write
431C000
trusted library allocation
page read and write
4802000
trusted library allocation
page read and write
A4F000
stack
page read and write
4898000
trusted library allocation
page read and write
9BD000
heap
page read and write
427D000
trusted library allocation
page read and write
3E52000
heap
page read and write
FF0000
heap
page read and write
3398000
heap
page read and write
7A8000
heap
page read and write
684E000
stack
page read and write
4152000
trusted library allocation
page read and write
480A000
trusted library allocation
page read and write
869000
heap
page read and write
7DB0000
trusted library allocation
page read and write
419F000
trusted library allocation
page read and write
4271000
trusted library allocation
page read and write
4B31000
trusted library allocation
page read and write
96E000
stack
page read and write
41ED000
trusted library allocation
page read and write
8A6000
heap
page read and write
3E52000
heap
page read and write
3E52000
heap
page read and write
4101000
trusted library allocation
page read and write
D7F000
stack
page read and write
48E8000
trusted library allocation
page read and write
4A1B000
trusted library allocation
page read and write
B08000
heap
page read and write
428D000
trusted library allocation
page read and write
48CD000
trusted library allocation
page read and write
72E0000
trusted library allocation
page read and write
47B4000
heap
page read and write
4296000
trusted library allocation
page read and write
4BAA000
trusted library allocation
page read and write
7D70000
heap
page read and write
480B000
trusted library allocation
page read and write
48B4000
trusted library allocation
page read and write
71D0000
heap
page execute and read and write
8BE000
heap
page read and write
48A2000
trusted library allocation
page read and write
427D000
trusted library allocation
page read and write
49A9000
trusted library allocation
page read and write
4790000
trusted library allocation
page execute and read and write
4201000
trusted library allocation
page read and write
42F3000
trusted library allocation
page read and write
4880000
remote allocation
page read and write
4201000
trusted library allocation
page read and write
4827000
trusted library allocation
page read and write
3085000
heap
page read and write
4690000
heap
page read and write
4C1000
direct allocation
page execute and read and write
3E52000
heap
page read and write
48EA000
trusted library allocation
page read and write
4101000
trusted library allocation
page read and write
94B000
heap
page read and write
70E000
stack
page read and write
4802000
trusted library allocation
page read and write
DFD000
trusted library allocation
page execute and read and write
179D000
heap
page read and write
42E3000
trusted library allocation
page read and write
2DA0000
heap
page read and write
5BC000
stack
page read and write
E3D000
unkown
page readonly
4293000
trusted library allocation
page read and write
48BE000
trusted library allocation
page read and write
42BC000
trusted library allocation
page read and write
42E6000
trusted library allocation
page read and write
2E6C000
stack
page read and write
4801000
trusted library allocation
page read and write
710000
heap
page read and write
4401000
trusted library allocation
page read and write
4201000
trusted library allocation
page read and write
4809000
trusted library allocation
page read and write
8BE000
heap
page read and write
A8E000
stack
page read and write
4804000
trusted library allocation
page read and write
15BE000
stack
page read and write
42DC000
trusted library allocation
page read and write
6F0000
heap
page read and write
48D2000
trusted library allocation
page read and write
480B000
trusted library allocation
page read and write
426B000
trusted library allocation
page read and write
42FE000
trusted library allocation
page read and write
40C000
unkown
page write copy
4ABA000
trusted library allocation
page read and write
4201000
trusted library allocation
page read and write
42A5000
trusted library allocation
page read and write
480D000
trusted library allocation
page read and write
2DFE000
stack
page read and write
495C000
trusted library allocation
page read and write
895000
heap
page read and write
4880000
remote allocation
page read and write
4802000
trusted library allocation
page read and write
1ADB000
heap
page read and write
47C1000
trusted library allocation
page read and write
2BE3000
heap
page read and write
E63000
unkown
page readonly
42A8000
trusted library allocation
page read and write
42BD000
trusted library allocation
page read and write
57C000
stack
page read and write
65C000
stack
page read and write
41F1000
trusted library allocation
page read and write
FA0000
heap
page read and write
42AC000
trusted library allocation
page read and write
99D000
heap
page read and write
4806000
trusted library allocation
page read and write
6AED000
stack
page read and write
499F000
trusted library allocation
page read and write
42CB000
trusted library allocation
page read and write
6037000
trusted library allocation
page read and write
5FF2000
trusted library allocation
page read and write
48BA000
trusted library allocation
page read and write
45FE000
stack
page read and write
493B000
trusted library allocation
page read and write
698000
stack
page read and write
BE9000
heap
page read and write
4890000
trusted library allocation
page read and write
434000
unkown
page read and write
431C000
trusted library allocation
page read and write
5F6F000
trusted library allocation
page read and write
415E000
trusted library allocation
page read and write
48B1000
trusted library allocation
page read and write
42FB000
trusted library allocation
page read and write
4335000
trusted library allocation
page read and write
283E000
stack
page read and write
4276000
trusted library allocation
page read and write
980000
heap
page read and write
419E000
trusted library allocation
page read and write
480B000
trusted library allocation
page read and write
DF0000
trusted library allocation
page read and write
4620000
trusted library allocation
page read and write
1826000
heap
page read and write
42C9000
trusted library allocation
page read and write
42A0000
trusted library allocation
page read and write
4806000
trusted library allocation
page read and write
4A33000
trusted library allocation
page read and write
429A000
trusted library allocation
page read and write
99C000
heap
page read and write
1A90000
heap
page read and write
6EA000
stack
page read and write
3166000
heap
page read and write
15FF000
stack
page read and write
5F97000
trusted library allocation
page read and write
7DC0000
trusted library allocation
page execute and read and write
42AF000
trusted library allocation
page read and write
9B3000
heap
page read and write
41DD000
trusted library allocation
page read and write
2BE7000
heap
page read and write
85A000
heap
page read and write
4C0000
direct allocation
page read and write
1A90000
heap
page read and write
15DA000
stack
page read and write
7370000
trusted library allocation
page read and write
414F000
trusted library allocation
page read and write
42F3000
trusted library allocation
page read and write
72DD000
stack
page read and write
4FFF000
stack
page read and write
48AE000
trusted library allocation
page read and write
430C000
trusted library allocation
page read and write
F2E000
stack
page read and write
3040000
heap
page read and write
430D000
trusted library allocation
page read and write
7064000
heap
page read and write
46F8000
trusted library allocation
page read and write
3079000
heap
page read and write
4276000
trusted library allocation
page read and write
6FF0000
heap
page read and write
7D80000
trusted library allocation
page execute and read and write
4FBE000
stack
page read and write
4276000
trusted library allocation
page read and write
4201000
trusted library allocation
page read and write
400000
unkown
page readonly
974000
heap
page read and write
4285000
trusted library allocation
page read and write
3E52000
heap
page read and write
AB0000
heap
page read and write
46B000
unkown
page read and write
48CE000
trusted library allocation
page read and write
9A9000
heap
page read and write
9BD000
heap
page read and write
5ECA000
trusted library allocation
page read and write
1ADB000
heap
page read and write
71C0000
trusted library allocation
page read and write
4893000
trusted library allocation
page read and write
A2C000
heap
page read and write
1807000
heap
page read and write
E63000
unkown
page readonly
BE0000
heap
page read and write
4B0A000
trusted library allocation
page read and write
790000
heap
page read and write
489E000
trusted library allocation
page read and write
7DA0000
trusted library allocation
page read and write
A4F000
stack
page read and write
41DE000
trusted library allocation
page read and write
1ADB000
heap
page read and write
42BD000
trusted library allocation
page read and write
4899000
trusted library allocation
page read and write
A7E000
stack
page read and write
4804000
trusted library allocation
page read and write
DA1000
unkown
page execute read
42F3000
trusted library allocation
page read and write
4401000
trusted library allocation
page read and write
306B000
heap
page read and write
3079000
heap
page read and write
6CE000
stack
page read and write
715000
heap
page read and write
4698000
heap
page read and write
4807000
trusted library allocation
page read and write
42C2000
trusted library allocation
page read and write
5FA7000
trusted library allocation
page read and write
4805000
trusted library allocation
page read and write
4287000
trusted library allocation
page read and write
880000
heap
page read and write
48C4000
trusted library allocation
page read and write
7300000
trusted library allocation
page read and write
3E52000
heap
page read and write
416A000
trusted library allocation
page read and write
308D000
heap
page read and write
4277000
trusted library allocation
page read and write
4808000
trusted library allocation
page read and write
420000
unkown
page read and write
48CF000
trusted library allocation
page read and write
DF4000
trusted library allocation
page read and write
42BD000
trusted library allocation
page read and write
6B2A000
stack
page read and write
2BE7000
heap
page read and write
644000
heap
page read and write
17BC000
heap
page read and write
4988000
trusted library allocation
page read and write
4802000
trusted library allocation
page read and write
8A6000
heap
page read and write
48D4000
trusted library allocation
page read and write
A00000
heap
page read and write
42F3000
trusted library allocation
page read and write
427A000
trusted library allocation
page read and write
4926000
trusted library allocation
page read and write
48A9000
trusted library allocation
page read and write
4809000
trusted library allocation
page read and write
3E52000
heap
page read and write
48A3000
trusted library allocation
page read and write
42BD000
trusted library allocation
page read and write
4304000
trusted library allocation
page read and write
E75000
unkown
page readonly
F80000
heap
page read and write
2BD0000
heap
page read and write
2C06000
heap
page read and write
CAE000
stack
page read and write
3E52000
heap
page read and write
4807000
trusted library allocation
page read and write
768000
heap
page read and write
3048000
heap
page read and write
42AE000
trusted library allocation
page read and write
48C9000
trusted library allocation
page read and write
4201000
trusted library allocation
page read and write
47B0000
heap
page execute and read and write
307C000
heap
page read and write
68DF000
stack
page read and write
750000
heap
page read and write
5EC8000
trusted library allocation
page read and write
4ADE000
trusted library allocation
page read and write
4339000
trusted library allocation
page read and write
C8C000
stack
page read and write
7A0000
heap
page read and write
3E52000
heap
page read and write
42F2000
trusted library allocation
page read and write
42FC000
trusted library allocation
page read and write
2D2E000
stack
page read and write
499B000
trusted library allocation
page read and write
429F000
trusted library allocation
page read and write
48D1000
trusted library allocation
page read and write
42F4000
trusted library allocation
page read and write
431D000
trusted library allocation
page read and write
4C07000
trusted library allocation
page read and write
480F000
trusted library allocation
page read and write
4600000
trusted library allocation
page read and write
4311000
trusted library allocation
page read and write
4B01000
trusted library allocation
page read and write
528E000
trusted library allocation
page read and write
42C1000
trusted library allocation
page read and write
42CA000
trusted library allocation
page read and write
581E000
trusted library allocation
page read and write
3E52000
heap
page read and write
48B8000
trusted library allocation
page read and write
9EC000
heap
page read and write
2E2F000
stack
page read and write
46E0000
heap
page readonly
48DF000
trusted library allocation
page read and write
3062000
heap
page read and write
688E000
stack
page read and write
42BC000
trusted library allocation
page read and write
6B8E000
stack
page read and write
899000
heap
page read and write
30C000
stack
page read and write
5F52000
trusted library allocation
page read and write
47A0000
trusted library allocation
page read and write
17CD000
heap
page read and write
5EC9000
trusted library allocation
page read and write
48D0000
trusted library allocation
page read and write
There are 718 hidden memdumps, click here to show them.