Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Downloads\86e5ee4c-60e8-477c-a64b-96871fb34572.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
 |
|
|
C:\Users\user\Downloads\Unconfirmed 208082.crdownload
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Downloads\efcb6ae6-eb24-48f8-83b3-1d7d158a498d.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Downloads\screenpresso-6628595676980865-AsystentPobierania_v3.64.29.021.94.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Downloads\screenpresso-6628595676980865-AsystentPobierania_v3.64.29.021.94.exe.crdownload
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Downloads\screenpresso-6628595676980865-AsystentPobierania_v3.642.90.219.4.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
Chrome Cache Entry: 68
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
downloaded
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 21:04:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 21:04:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 21:04:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 21:04:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 21:04:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 69
|
ASCII text, with very long lines (6198)
|
downloaded
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Downloads\screenpresso-6628595676980865-AsystentPobierania_v3.642.90.219.4.exe
|
"C:\Users\user\Downloads\screenpresso-6628595676980865-AsystentPobierania_v3.642.90.219.4.exe"
|
|
|
|
C:\Users\user\Downloads\screenpresso-6628595676980865-AsystentPobierania_v3.642.90.219.4.exe
|
"C:\Users\user\Downloads\screenpresso-6628595676980865-AsystentPobierania_v3.642.90.219.4.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://dakvm1hb16unn.cloudfront.net/907GFfC/P6HE/screenpresso-6628595676980865-AsystentPobierania.exe
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1976,i,17971291757294283927,7401414546722355550,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US
--service-sandbox-type=icon_reader --mojo-platform-channel-handle=5420 --field-trial-handle=1976,i,17971291757294283927,7401414546722355550,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US
--service-sandbox-type=icon_reader --mojo-platform-channel-handle=4084 --field-trial-handle=1976,i,17971291757294283927,7401414546722355550,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://dakvm1hb16unn.cloudfront.net/907GFfC/P6HE/screenpresso-6628595676980865-AsystentPobierania.exe
|
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/TotalSecurity_AV/images/1127/V4/EN.png
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
https://www.avast.com/eula-avast-consumer-products
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/Opera/images/DOTPS-717/NCB/lightBG/EN.png
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://d22gsqoq303hfz.cloudfront.net
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
https://www.avast.com/privacy-policy
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/config/dobreprogramy.pl/v3.642.90.219.4
|
108.138.24.183
|
||
|
http://www.ssl.com/repository/SSLcomRootCertificationAuthorityRSA.crt0
|
unknown
|
||
|
https://www.mcafee.com/consumer/en-us/policy/legal.html
|
unknown
|
||
|
http://ocsps.ssl.com0
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
https://img.dobreprogramy.pl/Images/ToolIcon/2735/20140224151938_0.png
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.ssl.com/repository/SSL.com-Enterprise-Intermediate-codeSigning-RSA-4096-R1.crt0
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/TotalSecurity_AV/files/1127/ts360Setup.zipH&_
|
unknown
|
||
|
https://shield.reasonsecurity.com/rsStubActivator.exeH&_
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/schema/1.0/schema.xsd
|
108.138.24.183
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
https://cassinilabs.com/privacy/
|
unknown
|
||
|
https://www.avg.com/ww-en/privacy
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/RAV_Triple_NCB/images/DOTPS-855/lightBG/EN.png
|
108.138.24.183
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/report
|
108.138.24.183
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://fontfabrik.com
|
unknown
|
||
|
https://www.screenpresso.com/binaries/releases/stable/dotnet47/Screenpre
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/Opera/images/DOTPS-496/lightBG/EN.png
|
unknown
|
||
|
https://reasonlabs.com/policies
|
unknown
|
||
|
https://www.ssl.com/repository0
|
unknown
|
||
|
https://www.winriser.com/privacy-policy
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/WinZip/images/1077/V3/lightBG/EN.png
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
http://dakvm1hb16unn.cloudfront.net/907GFfC/P6HE/screenpresso-6628595676980865-AsystentPobierania.ex
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/Avast/Avast_NCH/files/cookie_mmm_irs_ppi_005_888_h.zipH
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/WinRiser/images/1365/new_600x250/lightBG/EN.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/WinZip/files/1292/winzip28-dci5.zipH&_
|
unknown
|
||
|
https://www.winzip.com/win/en/privacy.html
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://www.screenpresso.com/binaries/releases/stable/dotnet47/Screenpresso.exe
|
46.105.204.6
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/WinRiser/files/1574/wrsetup.zipH&_
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/AVG_AV/files/1319/avg.zipH&_
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/Avast/images/DOTPS-1511/lightBG/EN.png
|
unknown
|
||
|
https://www.opera.com/he/eula/computers
|
unknown
|
||
|
https://www.avg.com/ww-en/eula
|
unknown
|
||
|
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
216.58.206.68
|
||
|
http://crls.ssl.com/DTNT-Intermediate-codeSigning-RSA-4096-R2.crl0
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/AVG_AV/images/1509/lightBG/EN.png
|
unknown
|
||
|
https://www.360totalsecurity.com/en/license/
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/WebAdvisor/images/943/lightBG/EN.png
|
108.138.24.183
|
||
|
https://d22gsqoq303hfz.cloudfront.net/sec
|
108.138.24.183
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
https://www.360totalsecurity.com/en/privacy/
|
unknown
|
||
|
http://crls.ssl.com/ssl.com-rsa-RootCA.crl0
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-jones.html
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/Opera/files/AutoReplaced/OperaSetup.zipH&_
|
unknown
|
||
|
https://www.wp.pl/?src02=dp_desktop&src01=3t88r
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/WebAdvisor/files/1489/saBSI.zipH&_
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://shield.reasonsecurity.com/rsStubActivator.exe
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net/assets/Avast/cookie_mmm_irs_ppi_005_888_d.zipH&_
|
unknown
|
||
|
http://cert.ssl.com/DTNT-Intermediate-codeSigning-RSA-4096-R2.cer0Q
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://dakvm1hb16unn.cloudfront.net/907GFfC/P6HE/screenpresso-6628595676980865-AsystentPobierania.exe
|
18.165.185.224
|
||
|
https://holding.wp.pl/poufnosc
|
unknown
|
||
|
https://www.winriser.com/eula
|
unknown
|
||
|
https://d22gsqoq303hfz.cloudfront.net
|
unknown
|
||
|
https://www.opera.com/he/privacy
|
unknown
|
||
|
http://crls.ssl.com/SSL.com-Enterprise-Intermediate-codeSigning-RSA-4096-R1.crl0
|
unknown
|
||
|
https://www.winzip.com/win/en/eula.html
|
unknown
|
There are 77 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dakvm1hb16unn.cloudfront.net
|
18.165.185.224
|
||
|
www.google.com
|
216.58.206.68
|
||
|
d22gsqoq303hfz.cloudfront.net
|
108.138.24.183
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
18.165.185.224
|
dakvm1hb16unn.cloudfront.net
|
United States
|
||
|
108.138.24.183
|
d22gsqoq303hfz.cloudfront.net
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
216.58.206.68
|
www.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\screenpresso-6628595676980865-AsystentPobierania_v3_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B7AB3308D1EA4477BA1480125A6FBDA936490CBB
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B7AB3308D1EA4477BA1480125A6FBDA936490CBB
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E
|
Blob
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FFEB82D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8300000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8560000
|
trusted library allocation
|
page read and write
|
||
|
2101A000
|
heap
|
page read and write
|
||
|
13271000
|
trusted library allocation
|
page read and write
|
||
|
132BB000
|
trusted library allocation
|
page read and write
|
||
|
1C350000
|
trusted library section
|
page readonly
|
||
|
7FFEB8550000
|
trusted library allocation
|
page read and write
|
||
|
B5E000
|
unkown
|
page readonly
|
||
|
13289000
|
trusted library allocation
|
page read and write
|
||
|
1212000
|
heap
|
page read and write
|
||
|
B4F000
|
unkown
|
page readonly
|
||
|
210B6000
|
heap
|
page read and write
|
||
|
3823000
|
trusted library allocation
|
page read and write
|
||
|
BA1000
|
unkown
|
page readonly
|
||
|
7FFEB84E0000
|
trusted library allocation
|
page read and write
|
||
|
317E000
|
trusted library allocation
|
page read and write
|
||
|
1DBF2000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
1324C000
|
trusted library allocation
|
page read and write
|
||
|
1484000
|
heap
|
page execute and read and write
|
||
|
7FFEB8337000
|
trusted library allocation
|
page read and write
|
||
|
7FF4E1260000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFEB8580000
|
trusted library allocation
|
page read and write
|
||
|
1E4B2000
|
trusted library allocation
|
page read and write
|
||
|
2201C000
|
stack
|
page read and write
|
||
|
7FFEB8355000
|
trusted library allocation
|
page read and write
|
||
|
130E4000
|
trusted library allocation
|
page read and write
|
||
|
13069000
|
trusted library allocation
|
page read and write
|
||
|
13125000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
7FFEB8370000
|
trusted library allocation
|
page read and write
|
||
|
132ED000
|
trusted library allocation
|
page read and write
|
||
|
12DB000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
1F837000
|
heap
|
page read and write
|
||
|
7FFEB8240000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8430000
|
trusted library allocation
|
page read and write
|
||
|
21086000
|
heap
|
page read and write
|
||
|
1327E000
|
trusted library allocation
|
page read and write
|
||
|
1B890000
|
heap
|
page read and write
|
||
|
316B000
|
trusted library allocation
|
page read and write
|
||
|
1B956000
|
heap
|
page read and write
|
||
|
1C2F8000
|
stack
|
page read and write
|
||
|
1B91D000
|
heap
|
page read and write
|
||
|
130F7000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8210000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB83CC000
|
trusted library allocation
|
page read and write
|
||
|
1BB70000
|
heap
|
page read and write
|
||
|
132E6000
|
trusted library allocation
|
page read and write
|
||
|
1BD1E000
|
stack
|
page read and write
|
||
|
386A000
|
trusted library allocation
|
page read and write
|
||
|
13227000
|
trusted library allocation
|
page read and write
|
||
|
35F6000
|
trusted library allocation
|
page read and write
|
||
|
2222D000
|
stack
|
page read and write
|
||
|
1D7877A0000
|
heap
|
page read and write
|
||
|
1305E000
|
trusted library allocation
|
page read and write
|
||
|
3604000
|
trusted library allocation
|
page read and write
|
||
|
3038000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB807D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFEB80AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFEB8074000
|
trusted library allocation
|
page read and write
|
||
|
1B990000
|
heap
|
page read and write
|
||
|
1312E000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB82B8000
|
trusted library allocation
|
page read and write
|
||
|
13164000
|
trusted library allocation
|
page read and write
|
||
|
13316000
|
trusted library allocation
|
page read and write
|
||
|
9A5987C000
|
stack
|
page read and write
|
||
|
1324F000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB85A0000
|
trusted library allocation
|
page read and write
|
||
|
1C020000
|
trusted library allocation
|
page read and write
|
||
|
B33000
|
unkown
|
page readonly
|
||
|
14A5000
|
heap
|
page read and write
|
||
|
3895000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8220000
|
trusted library allocation
|
page read and write
|
||
|
13236000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB84C0000
|
trusted library allocation
|
page read and write
|
||
|
125E000
|
heap
|
page read and write
|
||
|
130DB000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
1DB90000
|
heap
|
page execute and read and write
|
||
|
1C009000
|
heap
|
page read and write
|
||
|
7FFEB810C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC8A000
|
heap
|
page read and write
|
||
|
21013000
|
heap
|
page read and write
|
||
|
7FFEB82C2000
|
trusted library allocation
|
page read and write
|
||
|
21EF6000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB82C0000
|
trusted library allocation
|
page read and write
|
||
|
131F8000
|
trusted library allocation
|
page read and write
|
||
|
3176000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8332000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB85C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1480000
|
heap
|
page execute and read and write
|
||
|
13022000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB83B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8360000
|
trusted library allocation
|
page read and write
|
||
|
13082000
|
trusted library allocation
|
page read and write
|
||
|
1BABD000
|
stack
|
page read and write
|
||
|
1326C000
|
trusted library allocation
|
page read and write
|
||
|
385A000
|
trusted library allocation
|
page read and write
|
||
|
1323E000
|
trusted library allocation
|
page read and write
|
||
|
1AFF0000
|
trusted library allocation
|
page read and write
|
||
|
12FC1000
|
trusted library allocation
|
page read and write
|
||
|
3994000
|
trusted library allocation
|
page read and write
|
||
|
1D787590000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page execute and read and write
|
||
|
125A000
|
heap
|
page read and write
|
||
|
132CB000
|
trusted library allocation
|
page read and write
|
||
|
B58000
|
unkown
|
page readonly
|
||
|
13259000
|
trusted library allocation
|
page read and write
|
||
|
131BB000
|
trusted library allocation
|
page read and write
|
||
|
1B929000
|
heap
|
page read and write
|
||
|
21010000
|
heap
|
page read and write
|
||
|
7FFEB8410000
|
trusted library allocation
|
page read and write
|
||
|
2164D000
|
stack
|
page read and write
|
||
|
13173000
|
trusted library allocation
|
page read and write
|
||
|
3986000
|
trusted library allocation
|
page read and write
|
||
|
1E3FF000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
7FFEB854A000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB82B0000
|
trusted library allocation
|
page read and write
|
||
|
B91000
|
unkown
|
page readonly
|
||
|
13170000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8530000
|
trusted library allocation
|
page read and write
|
||
|
1BF20000
|
heap
|
page read and write
|
||
|
1317A000
|
trusted library allocation
|
page read and write
|
||
|
130AD000
|
trusted library allocation
|
page read and write
|
||
|
B8F000
|
unkown
|
page readonly
|
||
|
2184C000
|
stack
|
page read and write
|
||
|
1C1F0000
|
trusted library allocation
|
page read and write
|
||
|
17AE000
|
stack
|
page read and write
|
||
|
7FFEB8570000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8170000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFEB85B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21850000
|
heap
|
page read and write
|
||
|
C21000
|
unkown
|
page readonly
|
||
|
21020000
|
heap
|
page read and write
|
||
|
32C7000
|
trusted library allocation
|
page read and write
|
||
|
21065000
|
heap
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
12E7000
|
heap
|
page read and write
|
||
|
1315F000
|
trusted library allocation
|
page read and write
|
||
|
122F000
|
heap
|
page read and write
|
||
|
7FFEB8540000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8310000
|
trusted library allocation
|
page read and write
|
||
|
1FCFC000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
130C1000
|
trusted library allocation
|
page read and write
|
||
|
130FC000
|
trusted library allocation
|
page read and write
|
||
|
131A1000
|
trusted library allocation
|
page read and write
|
||
|
38A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8610000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFEB8106000
|
trusted library allocation
|
page read and write
|
||
|
1BB3F000
|
heap
|
page read and write
|
||
|
1BF97000
|
heap
|
page read and write
|
||
|
1320E000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
13205000
|
trusted library allocation
|
page read and write
|
||
|
132B9000
|
trusted library allocation
|
page read and write
|
||
|
132E4000
|
trusted library allocation
|
page read and write
|
||
|
37EA000
|
trusted library allocation
|
page read and write
|
||
|
317A000
|
trusted library allocation
|
page read and write
|
||
|
C03000
|
unkown
|
page readonly
|
||
|
131AE000
|
trusted library allocation
|
page read and write
|
||
|
BBA000
|
unkown
|
page readonly
|
||
|
1D789080000
|
heap
|
page read and write
|
||
|
B00000
|
unkown
|
page readonly
|
||
|
1F81B000
|
heap
|
page read and write
|
||
|
3164000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB81F0000
|
trusted library allocation
|
page read and write
|
||
|
1B34A000
|
heap
|
page read and write
|
||
|
31D9000
|
trusted library allocation
|
page read and write
|
||
|
1FB00000
|
heap
|
page read and write
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8380000
|
trusted library allocation
|
page read and write
|
||
|
1FBB0000
|
heap
|
page read and write
|
||
|
2FC1000
|
trusted library allocation
|
page read and write
|
||
|
181D000
|
heap
|
page read and write
|
||
|
1326F000
|
trusted library allocation
|
page read and write
|
||
|
B02000
|
unkown
|
page readonly
|
||
|
1BFBA000
|
heap
|
page read and write
|
||
|
1328D000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB82C5000
|
trusted library allocation
|
page read and write
|
||
|
13143000
|
trusted library allocation
|
page read and write
|
||
|
9A599FF000
|
stack
|
page read and write
|
||
|
9A598FE000
|
stack
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
131AA000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8510000
|
trusted library allocation
|
page read and write
|
||
|
1C0EE000
|
stack
|
page read and write
|
||
|
12E3000
|
heap
|
page read and write
|
||
|
7FFEB8250000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8500000
|
trusted library allocation
|
page read and write
|
||
|
2109F000
|
heap
|
page read and write
|
||
|
1B92D000
|
heap
|
page read and write
|
||
|
7FFEB821B000
|
trusted library allocation
|
page read and write
|
||
|
C1D000
|
unkown
|
page readonly
|
||
|
7FFEB8063000
|
trusted library allocation
|
page read and write
|
||
|
2174E000
|
stack
|
page read and write
|
||
|
21DDE000
|
stack
|
page read and write
|
||
|
21015000
|
heap
|
page read and write
|
||
|
1C57B000
|
trusted library allocation
|
page read and write
|
||
|
1D7874B0000
|
heap
|
page read and write
|
||
|
7FFEB8543000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8230000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
1BBCE000
|
heap
|
page read and write
|
||
|
1BF48000
|
heap
|
page read and write
|
||
|
13299000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8053000
|
trusted library allocation
|
page execute and read and write
|
||
|
13222000
|
trusted library allocation
|
page read and write
|
||
|
1FB0B000
|
heap
|
page read and write
|
||
|
1B9B0000
|
heap
|
page read and write
|
||
|
130A2000
|
trusted library allocation
|
page read and write
|
||
|
21083000
|
heap
|
page read and write
|
||
|
1BF83000
|
heap
|
page read and write
|
||
|
130DD000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB82F0000
|
trusted library allocation
|
page read and write
|
||
|
B5B000
|
unkown
|
page readonly
|
||
|
1BB82000
|
heap
|
page read and write
|
||
|
36F3000
|
trusted library allocation
|
page read and write
|
||
|
13148000
|
trusted library allocation
|
page read and write
|
||
|
131EC000
|
trusted library allocation
|
page read and write
|
||
|
C15000
|
unkown
|
page readonly
|
||
|
21070000
|
heap
|
page read and write
|
||
|
BC3000
|
unkown
|
page readonly
|
||
|
21E5A000
|
trusted library allocation
|
page read and write
|
||
|
13207000
|
trusted library allocation
|
page read and write
|
||
|
1C1FF000
|
trusted library allocation
|
page read and write
|
||
|
B2E000
|
unkown
|
page readonly
|
||
|
7FFEB805D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E4B5000
|
trusted library allocation
|
page read and write
|
||
|
13252000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB83C0000
|
trusted library allocation
|
page read and write
|
||
|
132D7000
|
trusted library allocation
|
page read and write
|
||
|
1BFD1000
|
heap
|
page read and write
|
||
|
1BBB6000
|
heap
|
page read and write
|
||
|
1BB20000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
1F824000
|
heap
|
page read and write
|
||
|
130B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8050000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8440000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFEB82B6000
|
trusted library allocation
|
page read and write
|
||
|
21080000
|
heap
|
page read and write
|
||
|
C05000
|
unkown
|
page readonly
|
||
|
7FFEB8420000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8100000
|
trusted library allocation
|
page read and write
|
||
|
1D7877A5000
|
heap
|
page read and write
|
||
|
7FFEB8320000
|
trusted library allocation
|
page execute and read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
131BD000
|
trusted library allocation
|
page read and write
|
||
|
15AE000
|
stack
|
page read and write
|
||
|
7FFEB8054000
|
trusted library allocation
|
page read and write
|
||
|
316E000
|
trusted library allocation
|
page read and write
|
||
|
1329C000
|
trusted library allocation
|
page read and write
|
||
|
132D3000
|
trusted library allocation
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
13145000
|
trusted library allocation
|
page read and write
|
||
|
13114000
|
trusted library allocation
|
page read and write
|
||
|
1FE00000
|
trusted library allocation
|
page read and write
|
||
|
1B54C000
|
stack
|
page read and write
|
||
|
1C33E000
|
stack
|
page read and write
|
||
|
BA9000
|
unkown
|
page readonly
|
||
|
11B3000
|
trusted library allocation
|
page read and write
|
||
|
C2E000
|
unkown
|
page readonly
|
||
|
1BB4B000
|
heap
|
page read and write
|
||
|
13EE000
|
stack
|
page read and write
|
||
|
132B6000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB82E0000
|
trusted library allocation
|
page read and write
|
||
|
1C1EE000
|
stack
|
page read and write
|
||
|
7FFEB8520000
|
trusted library allocation
|
page read and write
|
||
|
1310C000
|
trusted library allocation
|
page read and write
|
||
|
1810000
|
heap
|
page read and write
|
||
|
130CE000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8136000
|
trusted library allocation
|
page execute and read and write
|
||
|
13224000
|
trusted library allocation
|
page read and write
|
||
|
B8C000
|
unkown
|
page readonly
|
||
|
21E5F000
|
trusted library allocation
|
page read and write
|
||
|
1319F000
|
trusted library allocation
|
page read and write
|
||
|
1BF3D000
|
heap
|
page read and write
|
||
|
1BB55000
|
heap
|
page read and write
|
||
|
B4A000
|
unkown
|
page readonly
|
||
|
7FFEB85F0000
|
trusted library allocation
|
page read and write
|
||
|
21097000
|
heap
|
page read and write
|
||
|
13192000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB807B000
|
trusted library allocation
|
page execute and read and write
|
||
|
31DD000
|
trusted library allocation
|
page read and write
|
||
|
1DFD0000
|
heap
|
page execute and read and write
|
||
|
11F8000
|
heap
|
page read and write
|
||
|
B9E000
|
unkown
|
page readonly
|
||
|
37DC000
|
trusted library allocation
|
page read and write
|
||
|
DB3000
|
stack
|
page read and write
|
||
|
B65000
|
unkown
|
page readonly
|
||
|
7FFEB8364000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB84E9000
|
trusted library allocation
|
page read and write
|
||
|
1FB10000
|
heap
|
page read and write
|
||
|
2154E000
|
stack
|
page read and write
|
||
|
7FFEB84F0000
|
trusted library allocation
|
page read and write
|
||
|
17E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8200000
|
trusted library allocation
|
page read and write
|
||
|
1BB2B000
|
heap
|
page read and write
|
||
|
20EFE000
|
stack
|
page read and write
|
||
|
1D7875B0000
|
heap
|
page read and write
|
||
|
7FFEB8600000
|
trusted library allocation
|
page read and write
|
||
|
2100A000
|
stack
|
page read and write
|
||
|
7FFEB85D0000
|
trusted library allocation
|
page read and write
|
||
|
1B95F000
|
heap
|
page read and write
|
||
|
7FFEB83E0000
|
trusted library allocation
|
page read and write
|
||
|
BAD000
|
unkown
|
page readonly
|
||
|
7FFEB83D0000
|
trusted library allocation
|
page read and write
|
||
|
1815000
|
heap
|
page read and write
|
||
|
39A2000
|
trusted library allocation
|
page read and write
|
||
|
1B9B3000
|
heap
|
page read and write
|
||
|
C37000
|
unkown
|
page readonly
|
||
|
132A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB83A0000
|
trusted library allocation
|
page read and write
|
||
|
212DF000
|
stack
|
page read and write
|
||
|
7FFEB8299000
|
trusted library allocation
|
page read and write
|
||
|
131D7000
|
trusted library allocation
|
page read and write
|
||
|
1B953000
|
heap
|
page read and write
|
||
|
3711000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB806D000
|
trusted library allocation
|
page execute and read and write
|
||
|
131DA000
|
trusted library allocation
|
page read and write
|
||
|
13127000
|
trusted library allocation
|
page read and write
|
||
|
132C8000
|
trusted library allocation
|
page read and write
|
||
|
131F4000
|
trusted library allocation
|
page read and write
|
||
|
1D7875F0000
|
heap
|
page read and write
|
||
|
131C4000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8110000
|
trusted library allocation
|
page execute and read and write
|
||
|
32D8000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8400000
|
trusted library allocation
|
page read and write
|
||
|
1BB10000
|
heap
|
page read and write
|
||
|
1DBD0000
|
trusted library allocation
|
page read and write
|
||
|
1BF1E000
|
stack
|
page read and write
|
||
|
1FB04000
|
heap
|
page read and write
|
||
|
130CA000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8590000
|
trusted library allocation
|
page read and write
|
||
|
1BF26000
|
heap
|
page read and write
|
||
|
1BFE3000
|
heap
|
page read and write
|
||
|
1316D000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8052000
|
trusted library allocation
|
page read and write
|
||
|
9A5997F000
|
stack
|
page read and write
|
||
|
130BF000
|
trusted library allocation
|
page read and write
|
||
|
21897000
|
heap
|
page read and write
|
||
|
13118000
|
trusted library allocation
|
page read and write
|
||
|
130B2000
|
trusted library allocation
|
page read and write
|
||
|
1BB50000
|
heap
|
page read and write
|
||
|
7FFEB84D0000
|
trusted library allocation
|
page read and write
|
||
|
1FB20000
|
heap
|
page read and write
|
||
|
131DC000
|
trusted library allocation
|
page read and write
|
||
|
21094000
|
heap
|
page read and write
|
||
|
7FFEB8070000
|
trusted library allocation
|
page read and write
|
||
|
BBC000
|
unkown
|
page readonly
|
||
|
7FFEB8335000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8350000
|
trusted library allocation
|
page read and write
|
||
|
1D7875F9000
|
heap
|
page read and write
|
||
|
36E5000
|
trusted library allocation
|
page read and write
|
||
|
13190000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB83F0000
|
trusted library allocation
|
page read and write
|
||
|
13157000
|
trusted library allocation
|
page read and write
|
||
|
1C023000
|
trusted library allocation
|
page read and write
|
||
|
1B915000
|
heap
|
page read and write
|
||
|
C01000
|
unkown
|
page readonly
|
||
|
7FFEB8390000
|
trusted library allocation
|
page read and write
|
||
|
1318D000
|
trusted library allocation
|
page read and write
|
||
|
B42000
|
unkown
|
page readonly
|
||
|
1B8A1000
|
heap
|
page read and write
|
||
|
1258000
|
heap
|
page read and write
|
||
|
7FFEB82AF000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB821E000
|
trusted library allocation
|
page read and write
|
||
|
16AE000
|
stack
|
page read and write
|
||
|
1BE18000
|
stack
|
page read and write
|
||
|
7FFEB85E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
130FA000
|
trusted library allocation
|
page read and write
|
||
|
7FFEB8690000
|
trusted library allocation
|
page execute and read and write
|
||
|
319A000
|
trusted library allocation
|
page read and write
|
||
|
13243000
|
trusted library allocation
|
page read and write
|
||
|
21074000
|
heap
|
page read and write
|
||
|
17F0000
|
heap
|
page read and write
|
||
|
13280000
|
trusted library allocation
|
page read and write
|
There are 374 hidden memdumps, click here to show them.