IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32+ executable (console) x86-64, for MS Windows
initial sample
 malicious
C:\Windows\System\Csmwgyb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\ERbKWDm.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\FGSooXz.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\LKurWpq.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\MwFvbxc.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\QWtCxan.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\UqXZtcb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\VFkciqc.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\VHwkuIa.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\VWrcuzM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\WCbcoxD.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\WLWcTVM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\XZxtJFw.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\ZTSJHKb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\bJVoOik.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\bzSbRdi.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\defQfgC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\eVVPPqR.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\fpHmIIc.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\hAOVVjq.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\hEUEsIC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\iHSYLud.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\imwRXsl.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\jtnQpnb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\mKdsHiQ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\mbSqRHL.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\nWSykjl.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\oxCQuSo.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\sabRErB.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\sdTevgk.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\tyQdqmC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\uxMRJKa.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\vyHGCnK.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\wHnuprt.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\wJNkgSa.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\wkazDeV.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\xIpouRJ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Windows\System\xNhRSWh.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\3m-0151c2fda0ce[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\behaviors-b32b736e8b72[1].js
ASCII text, with very long lines (36842)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\bg-glow-purple-6e9a6a96cb04[1].png
PNG image data, 8 x 7, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\dashboard-a70f6c490d6e[1].css
ASCII text, with very long lines (9537)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\dayhaysoos-c50659cac73b[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 192x192, components 3
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\element-registry-f52a50a0449b[1].js
ASCII text, with very long lines (55142)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\experiments-d77f07364a5f[1].css
ASCII text, with very long lines (3554)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\footer-mona-d1c861cd8018[1].png
PNG image data, 491 x 491, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\illu-copilot-editor-6474457a5b19[1].png
PNG image data, 2496 x 1302, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\illu-pull-requests-2-280cc958fc05[1].png
PNG image data, 1208 x 804, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\illu-secret-scanning-2-88fb429376d6[1].png
PNG image data, 1208 x 804, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\kpmg-c249f20c5173[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\sessions-f3ddee0032e4[1].js
ASCII text, with very long lines (11824)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\shape-2-f30dcc9bd35c[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\shape-3-9e542b5c31b8[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\sindresorhus-d3224f241a4d[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\ui_packages_updatable-content_updatable-content_ts-3f4401350bd7[1].js
ASCII text, with very long lines (9719)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\vendors-node_modules_color-convert_index_js-0e07cc183eed[1].js
ASCII text, with very long lines (13195)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd[1].js
ASCII text, with very long lines (11533)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e[1].js
ASCII text, with very long lines (21472)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\vendors-node_modules_github_auto-complete-element_dist_index_js-a164c5ea9f62[1].js
ASCII text, with very long lines (14095)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\vendors-node_modules_github_catalyst_lib_index_js-node_modules_primer_live-region-element_dis-428401-bb66ac5d7472[1].js
ASCII text, with very long lines (11341)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1a841-8f251a0656e7[1].js
ASCII text, with very long lines (23218)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672[1].js
ASCII text, with very long lines (14660)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\vendors-node_modules_github_webgl-globe_dist_js_main_js-7ace716f3606[1].js
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\vendors-node_modules_primer_react_lib-esm_Button_Button_js-f36ad879d477[1].js
ASCII text, with very long lines (18145)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\wp-runtime-f35b332dbe90[1].js
ASCII text, with very long lines (55515)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-ab87c1d6c5c8[1].js
ASCII text, with very long lines (7914)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\commandpost-18d45fffda67[1].png
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\dark-9c5b7a476542[1].css
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\directus-4da9e46da0ac[1].png
PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\discussions-adf1d1b8b95c[1].css
ASCII text, with very long lines (5026)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\footer-star-36e5b5724973[1].png
PNG image data, 117 x 117, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\git-branch-collaboration-2-e46b1fb1d363[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\git-branch-security-2-f6a799957581[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\home-fa7c9cc8a53c[1].js
ASCII text, with very long lines (1520)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\homebrew-c7e38eeacb52[1].png
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\illu-actions-2-c5178134f381[1].png
PNG image data, 1306 x 992, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\issues-plan-2-46d1ce1d4519[1].png
PNG image data, 2498 x 1450, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\light-3e154969b9f9[1].css
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\marketing-experiments-6794cdd7dce1[1].js
ASCII text, with very long lines (8438)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\mercedes-fcf97d2d6ec4[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\notifications-global-54f34167118d[1].js
ASCII text, with very long lines (11383)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\sap-96248a56d312[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\shape-1-c219318e479a[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\site-fbd7cf8f6ba2[1].css
Unicode text, UTF-8 text, with very long lines (65413)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\thumbnail-31b2a20df6fc[1].png
PNG image data, 442 x 252, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-634de60bacfa[1].js
ASCII text, with very long lines (16853)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f4b251-f7c3b6081b19[1].js
ASCII text, with very long lines (14108)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e[1].js
ASCII text, with very long lines (9454)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a[1].js
ASCII text, with very long lines (5699)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5[1].js
ASCII text, with very long lines (9479)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669[1].js
ASCII text, with very long lines (16829)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\vendors-node_modules_primer_react_lib-esm_ActionList_index_js-540a2acf621f[1].js
ASCII text, with very long lines (25188)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-e39b44f27fbb[1].js
ASCII text, with very long lines (8207)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-6faacedf87fe[1].js
ASCII text, with very long lines (9509)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-aeae6fcdf371[1].js
ASCII text, with very long lines (11767)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\environment-2f240f7ed1b3[1].js
ASCII text, with very long lines (3973)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\eslint-33bd6140c37f[1].png
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\footer-blur-8bc8e1f23df6[1].png
PNG image data, 184 x 184, 8-bit colormap, non-interlaced
modified
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\footer-copilot-54114bfd1d20[1].png
PNG image data, 365 x 365, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\github-6da540aa3f84[1].css
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\github-elements-36d7dcef5a08[1].js
ASCII text, with very long lines (35903)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\global-103ebe55f9d9[1].css
Unicode text, UTF-8 text, with very long lines (53019)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\hero-desktop-a38b0fd77b6c[1].webp
RIFF (little-endian) data, Web/P image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\hero-mobile-7163f4f5de41[1].webp
RIFF (little-endian) data, Web/P image, VP8 encoding, 770x540, Scaling: [none]x[none], YUV color, decoders should clamp
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\illu-code-scanning-fc9dfb212aa3[1].png
PNG image data, 1208 x 830, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\illu-copilot-sidebar-3d2efb504577[1].png
PNG image data, 960 x 1222, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\illu-dependabot-d98c73cc6724[1].png
PNG image data, 1208 x 870, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\illu-discussions-2-b915a6dd867e[1].png
PNG image data, 1208 x 804, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\illu-mobile-chat-9e7549906574[1].webp
RIFF (little-endian) data, Web/P image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\imolorhe-9d771b1d4332[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\keyboard-shortcuts-dialog-3d3b90edc171[1].js
ASCII text, with very long lines (28419)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\primer-react-css.8879c83c1311e6328466.module[1].css
ASCII text, with very long lines (30424)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\shape-0-df97fa6b0c27[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\ui_packages_failbot_failbot_ts-aabfa4ec15fe[1].js
ASCII text, with very long lines (8825)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\ui_packages_react-core_create-browser-history_ts-ui_packages_react-core_AppContextProvider_ts-ffb979-ed6ff1fbeca4[1].js
ASCII text, with very long lines (8345)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-eb9d54-74622d897749[1].js
ASCII text, with very long lines (25554)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_react_lib-esm_Fea-39267a-9ffd541aafbc[1].js
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-9a8cd2-373766bf71f1[1].js
ASCII text, with very long lines (18715)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\vendors-node_modules_github_text-expander-element_dist_index_js-e40ed7658a74[1].js
ASCII text, with very long lines (14256)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-67856ad29bae[1].js
ASCII text, with very long lines (12557)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\webgl-globe-b8ac95da6496[1].js
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9[1].js
ASCII text, with very long lines (10447)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\bg-glow-blue-036b8dc2d1ce[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\chaynhq-4c5953025dca[1].png
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\footer-diamond-ed642fc95144[1].png
PNG image data, 142 x 142, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\footer-orb-a0438104a7a2[1].png
PNG image data, 208 x 196, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\git-branch-productivity-c304b83d09c7[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\globe-d6f3f4ee645a[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1238x1404, components 3
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\home-339181319b7e[1].css
ASCII text, with very long lines (9947)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\illu-codespaces-1d2d17e8b2b7[1].png
PNG image data, 1208 x 890, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\illu-ghas-list-84af1f1ce2b8[1].png
PNG image data, 1080 x 600, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\illu-projects-2-26077f1dd188[1].png
PNG image data, 1190 x 964, 8-bit colormap, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\marketing-872ff8663359[1].js
ASCII text, with very long lines (19575)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\pg-f1f19955c4e4[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\play-1844e8414ade[1].png
PNG image data, 178 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\primer-fefb1a332c28[1].css
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\primer-primitives-4cf0d59ab51a[1].css
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\react-lib-7b7b5264f6c1[1].js
ASCII text, with very long lines (34095)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\telus-df0c2109df99[1].svg
SVG Scalable Vector Graphics image
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-b9c7cf3107b7[1].js
ASCII text, with very long lines (17157)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-bae876-1e5b19a38261[1].js
ASCII text, with very long lines (23969)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-6b2a62-6fef0f2ad42a[1].js
ASCII text, with very long lines (17354)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c[1].js
ASCII text, with very long lines (15356)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8[1].js
ASCII text, with very long lines (9778)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76[1].js
ASCII text, with very long lines (39287)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_lit-html_lit-html_js-ce7225a304c5[1].js
ASCII text, with very long lines (5043)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2[1].js
ASCII text, with very long lines (4772)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_primer_react_lib-esm_Dialog_Dialog_js-node_modules_primer_react_lib-esm_-34d71e-a36ca1cac968[1].js
ASCII text, with very long lines (24348)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vendors-node_modules_primer_react_lib-esm_KeybindingHint_KeybindingHint_js-node_modules_githu-3fe5e5-779b0a7957e4[1].js
ASCII text, with very long lines (9001)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\yyx990803-e11c7b140b17[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 192x192, components 3
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qvboery0.1r2.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v5duq0qp.dkm.psm1
ASCII text, with no line terminators
dropped
C:\Windows\System\ABievJY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\AONeoTK.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\AOSuUmd.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\AQSffhY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ASKjfZy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\AXEGSHs.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\AbenojY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ArNQyZf.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\BMxbfij.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\BNgUfBr.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\BnLcQMe.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\BpqsHCR.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\BtXtEfY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\BwBweqn.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\BwjWQVv.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\CGpcHNw.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\CVYvaQs.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\CWLRJYu.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\CoTJSDT.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\CpMhLMx.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\DBfMBcY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\DCqXTox.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\DNhkeWm.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\DTREvJC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\DTVvNoy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\DbVBXPi.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\DrKJjXc.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\DtVOaSb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\EDndQMl.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\EENzfBP.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\EMuPVcI.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\EZbURBQ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\EkcZQPq.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\EzVUaNc.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\FGUHzJz.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\FHjAcHx.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\FUwHkXo.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\FaabrKu.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\FgBtrMU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\FgiIXgf.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\FlmGZHf.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\FoekgWP.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\GaSDvNs.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\GmNUXAr.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\GoSpvOG.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HEPcUok.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HHsWpNX.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HKdVaSy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HNocQDn.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HUohYxb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HVhldsH.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HbWODob.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HeXCeXe.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HjdahEF.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HnTfvAZ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\HuKkgJY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\IBWzTMA.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\IEswIyo.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\IjDqKMU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\IofoOIp.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\IpqVIyY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\JCZRmvQ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\JGfFPYZ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\JKpmIVS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\JRnaUrS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\JUxucoT.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\JdmbeCb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\JqFVNbS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\KEULPTl.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\KVTiBjz.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\KVgdAzq.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\KeLPRxW.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\LCScugy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\LFQLRaY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\LLELsGo.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\LNyWtrn.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\LOvnxUx.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\LPMtFlZ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\LTWTGcY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\LYzOvkf.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\MCvhdFU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\MKAkyBP.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\MLxwqET.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\MgoHIfZ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\MydOwjq.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\NDapyRM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\NLJeLdM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\NVxCwjX.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\NqPZXyD.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\NrRaZIJ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\NuxBytj.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\NyhRMmW.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\NzANgdB.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ORmCcsC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\OVdNTki.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\OgBLDNx.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\OpMgkKg.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\OyxgWny.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PABSWXd.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PLFTiIe.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PPOtBBY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PRQFErV.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PUqZmPS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PZXDYlu.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PaGFrFU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PbUiiSM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PdxLXDE.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PjowoJp.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\PrFZfUv.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\QZBRXHU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\QdDnaqt.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\QqSzknx.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\QrBMIBp.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\RCVCpIi.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\RKUSbZV.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\RcAqfwv.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\RgcKJVt.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\RlLCkUy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\RtRmRJz.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\SAfbgcC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\SNcreuq.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\SOFlTuM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\SUucMiy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\SYLAfii.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\StIsyPE.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\SxjZpBy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\TBNKhIN.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\TQUlNhY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\TVNHEGY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\TscCBWf.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\UExJWUr.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\UQPgIol.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\UQkDiSP.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\UiAsnNy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\UlGsoAn.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\UmvuxvA.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\Uvtpjkd.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\UyqOZIb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\VExclqz.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\VGaSwYr.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\VLekFWd.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\VPuwqFY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\VdwdSnC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\VgNRTsd.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\VjXLpYb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\VsobEcA.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\VwIvzCk.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\WOvgLKK.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\WTLAzgJ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\WVsCsMZ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\WZkiNdG.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\WdIXuil.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\WlVmTit.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\WvkREuJ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\WvowvSL.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\XAgYYqB.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\XBXKJRi.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\XJEUdeq.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\XWzPvUm.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\XbARtow.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\XqXHiyf.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\YFzrUDj.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\YHgRCCe.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\YIjJOqk.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\YUQTINM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\YYCxOQh.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\YnfMwga.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ZCyEzte.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ZDeifCM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ZFvVqBc.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ZPBkGsL.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ZXNyiNu.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ZlvPlxy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ZohDODH.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\aBqatWR.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\aFbtfKK.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\aFpkhGM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\aIuDozC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ajEytdP.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\bFsdWPU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\blOLvcj.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\bpCJdvZ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\brplcms.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\bsgTRXG.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\bxBimDh.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\bymvMyH.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\cBoEBlV.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\cLSDHvv.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\cVJdttA.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\cVpmxhg.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\caYiRYR.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ccbrmxM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\chBMsUn.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ckHJCFb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\cyvijMt.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\dCnJkoQ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\dMXkTWG.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\dPvMBBP.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\dbgHMyC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\delwiax.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\dmPtXnK.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\eIXgzbs.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\eIthybV.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\eLYbCEG.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\eQlnkhq.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\eXUokzg.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\eaXsKmO.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\fEOJwwW.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\fIqTNJz.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\fWWVlTg.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\fXSZuyj.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\fYMwhpS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ffPPQcz.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\fhxlOMT.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ftWkAMN.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\fyffsXe.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\fylerHE.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\gAPrxpM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\gCZFmUf.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\gKbbPbF.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\gPTriDK.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\gQbnwXn.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\gXwIlxx.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\geBTNDq.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ghXRScL.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\glgdLrR.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\hAjIjRa.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\hMvDOJd.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\hhEeZzN.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\hyzwXgh.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\hzIYZSD.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\iEDLgeS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\iIwdGAS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\iJpJhmt.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\iSmvfWm.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\iYYYydA.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ihDRfqA.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\izzcVgF.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\jAqlPqL.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\jYFqRXp.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\jkErNHB.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\jmSIZKC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\jqUGnrw.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\jzfTIlb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\kFAVWnk.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\kPkYoOt.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\kYjPKaN.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\lBrohsB.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\lQcYvMS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\lVudyTV.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\lrIaMFU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ltlcnHD.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\lyMiIxb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mBbgLGb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mByREeI.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mEVTdIJ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mPNsbfH.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mWAGJFM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mXElbHo.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mZnsuql.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mdMaqgD.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mgbtojr.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mlhNNPN.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mshbGSl.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\mtnXczE.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\nJFWveO.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\nJZyUBH.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\nKUJunm.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ndpwHPZ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\nkFLDPI.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\oCLXTVT.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\oUGjnOU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\osHoaGO.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\otCfESI.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\pBTelAj.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\pGmaKvE.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\pMMnfcQ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\pMaKiZu.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\pPLiGBV.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\pbwrbNh.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\pnGqAlS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ppfNNTX.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\pzbELEW.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\qQyXqOp.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\qdErmhf.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\qmcblFN.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rDRaLhy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rKZvlov.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rQJmlSe.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rTpsbWr.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rTrjeti.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rVmcjTa.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rXBWFEL.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rYIlnZs.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rfpCYxf.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rgBmwKj.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\roZGxps.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rtBLYbw.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\rwUXwnj.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sDLqeeh.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sFwDWFc.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sGYPztO.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sHbEZkY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sJZigTD.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sOGcIfs.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sOpjlAo.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sPniyBl.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sXBohAC.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\sctmwAr.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\skgGGJN.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\snZBbmy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ssUJwoR.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\svRRwoZ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\tJmWuwF.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\tRGqWXW.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\tWOQBIk.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\tXVZMjj.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\tyXEsEa.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\tzOEnrH.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\uBSPQKP.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\uHZGZjz.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\uJEYoyF.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\uNQcZEb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\uRBSbtU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\uSdaSKW.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\uaJCfvY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ucDGEkw.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ukkpYme.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\usscfzm.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\uwKMlqy.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\vKoIcLB.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\vREuzRr.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\vUKZkjM.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\veVfAiw.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\vixYnHG.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wCJLXKb.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wJZTVhW.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wNVvJxX.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wPprRzW.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wWwDsEl.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\whRtinB.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wibjUVa.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wkIkkhX.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wnWUbPS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wpjxcMS.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\wsmNUVo.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\xAngvPh.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\xAzCYwU.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\xVIixqx.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\xZqqKxJ.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\xneUGSK.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\xsirwHn.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\xyokMuX.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\yXkrKHV.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ykZgpGK.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\yolnOnG.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\yuTigyc.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\yzVBTwc.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\zJwJxgA.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\zYyqoWF.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\ztQluWW.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\System\zzbooXY.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
There are 507 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -command "Invoke-WebRequest "https://raw.githubusercontent.com/" "
 malicious
C:\Windows\System\xIpouRJ.exe
C:\Windows\System\xIpouRJ.exe
 malicious
C:\Windows\System\ERbKWDm.exe
C:\Windows\System\ERbKWDm.exe
 malicious
C:\Windows\System\wHnuprt.exe
C:\Windows\System\wHnuprt.exe
 malicious
C:\Windows\System\uxMRJKa.exe
C:\Windows\System\uxMRJKa.exe
 malicious
C:\Windows\System\bJVoOik.exe
C:\Windows\System\bJVoOik.exe
 malicious
C:\Windows\System\wkazDeV.exe
C:\Windows\System\wkazDeV.exe
 malicious
C:\Windows\System\VWrcuzM.exe
C:\Windows\System\VWrcuzM.exe
 malicious
C:\Windows\System\wJNkgSa.exe
C:\Windows\System\wJNkgSa.exe
 malicious
C:\Windows\System\imwRXsl.exe
C:\Windows\System\imwRXsl.exe
 malicious
C:\Windows\System\bzSbRdi.exe
C:\Windows\System\bzSbRdi.exe
 malicious
C:\Windows\System\Csmwgyb.exe
C:\Windows\System\Csmwgyb.exe
 malicious
C:\Windows\System\defQfgC.exe
C:\Windows\System\defQfgC.exe
 malicious
C:\Windows\System\XZxtJFw.exe
C:\Windows\System\XZxtJFw.exe
 malicious
C:\Windows\System\MwFvbxc.exe
C:\Windows\System\MwFvbxc.exe
 malicious
C:\Windows\System\hAOVVjq.exe
C:\Windows\System\hAOVVjq.exe
 malicious
C:\Windows\System\oxCQuSo.exe
C:\Windows\System\oxCQuSo.exe
 malicious
C:\Windows\System\vyHGCnK.exe
C:\Windows\System\vyHGCnK.exe
 malicious
C:\Windows\System\mbSqRHL.exe
C:\Windows\System\mbSqRHL.exe
 malicious
C:\Windows\System\VFkciqc.exe
C:\Windows\System\VFkciqc.exe
 malicious
C:\Windows\System\sdTevgk.exe
C:\Windows\System\sdTevgk.exe
 malicious
C:\Windows\System\eVVPPqR.exe
C:\Windows\System\eVVPPqR.exe
 malicious
C:\Windows\System\VHwkuIa.exe
C:\Windows\System\VHwkuIa.exe
 malicious
C:\Windows\System\WLWcTVM.exe
C:\Windows\System\WLWcTVM.exe
 malicious
C:\Windows\System\WCbcoxD.exe
C:\Windows\System\WCbcoxD.exe
 malicious
C:\Windows\System\QWtCxan.exe
C:\Windows\System\QWtCxan.exe
 malicious
C:\Windows\System\fpHmIIc.exe
C:\Windows\System\fpHmIIc.exe
 malicious
C:\Windows\System\FGSooXz.exe
C:\Windows\System\FGSooXz.exe
 malicious
C:\Windows\System\mKdsHiQ.exe
C:\Windows\System\mKdsHiQ.exe
 malicious
C:\Windows\System\nWSykjl.exe
C:\Windows\System\nWSykjl.exe
 malicious
C:\Windows\System\LKurWpq.exe
C:\Windows\System\LKurWpq.exe
 malicious
C:\Windows\System\iHSYLud.exe
C:\Windows\System\iHSYLud.exe
 malicious
C:\Windows\System\tyQdqmC.exe
C:\Windows\System\tyQdqmC.exe
 malicious
C:\Windows\System\sabRErB.exe
C:\Windows\System\sabRErB.exe
 malicious
C:\Windows\System\ZTSJHKb.exe
C:\Windows\System\ZTSJHKb.exe
 malicious
C:\Windows\System\xNhRSWh.exe
C:\Windows\System\xNhRSWh.exe
 malicious
C:\Windows\System\jtnQpnb.exe
C:\Windows\System\jtnQpnb.exe
 malicious
C:\Windows\System\hEUEsIC.exe
C:\Windows\System\hEUEsIC.exe
 malicious
C:\Windows\System\UqXZtcb.exe
C:\Windows\System\UqXZtcb.exe
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 31 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://raw.githubusercontent.com/
185.199.111.133
 malicious
https://github.githubassets.com/assets/imolorhe-9d771b1d4332.jpeg
185.199.110.154
https://github.githubassets.com/assets/chaynhq-4c5953025dca.png
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js
185.199.110.154
https://github.githubassets.com/assets/kpmg-c249f20c5173.svg
185.199.110.154
https://github.githubassets.com/assets/git-branch-productivity-c304b83d09c7.svg
185.199.110.154
https://github.githubassets.com/assets/sindresorhus-d3224f241a4d.jpeg
185.199.110.154
https://github.githubassets.com/assets/discussions-adf1d1b8b95c.css
185.199.110.154
https://github.githubassets.com/assets/element-registry-f52a50a0449b.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js
185.199.110.154
https://github.githubassets.com/assets/shape-0-df97fa6b0c27.svg
185.199.110.154
https://github.githubassets.com/assets/primer-react-css.8879c83c1311e6328466.module.css
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_KeybindingHint_KeybindingHint_js-node_modules_githu-3fe5e5-779b0a7957e4.js
185.199.110.154
https://github.githubassets.com/assets/homebrew-c7e38eeacb52.png
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_react_lib-esm_Fea-39267a-9ffd541aafbc.js
185.199.110.154
https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_react-core_AppContextProvider_ts-ffb979-ed6ff1fbeca4.js
185.199.110.154
https://github.githubassets.com/assets/dashboard-a70f6c490d6e.css
185.199.110.154
https://github.githubassets.com/assets/global-103ebe55f9d9.css
185.199.110.154
https://github.githubassets.com/assets/sap-96248a56d312.svg
185.199.110.154
https://github.githubassets.com/assets/notifications-global-54f34167118d.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js
185.199.110.154
https://github.githubassets.com/assets/illu-secret-scanning-2-88fb429376d6.png
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js
185.199.110.154
https://github.githubassets.com/assets/commandpost-18d45fffda67.png
185.199.110.154
https://github.githubassets.com/assets/footer-mona-d1c861cd8018.png
185.199.110.154
https://github.githubassets.com/assets/eslint-33bd6140c37f.png
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-b9c7cf3107b7.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-a164c5ea9f62.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-67856ad29bae.js
185.199.110.154
https://github.githubassets.com/assets/footer-copilot-54114bfd1d20.png
185.199.110.154
https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js
185.199.110.154
https://github.githubassets.com/assets/play-1844e8414ade.png
185.199.110.154
https://github.githubassets.com/assets/footer-blur-8bc8e1f23df6.png
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_Dialog_js-node_modules_primer_react_lib-esm_-34d71e-a36ca1cac968.js
185.199.110.154
https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-aabfa4ec15fe.js
185.199.110.154
https://github.githubassets.com/assets/home-339181319b7e.css
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-540a2acf621f.js
185.199.110.154
https://github.githubassets.com/assets/bg-glow-blue-036b8dc2d1ce.png
185.199.110.154
https://github.githubassets.com/assets/dark-9c5b7a476542.css
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669.js
185.199.110.154
https://github.githubassets.com/assets/illu-mobile-chat-9e7549906574.webp
185.199.110.154
https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-ab87c1d6c5c8.js
185.199.110.154
https://github.githubassets.com/assets/illu-ghas-list-84af1f1ce2b8.png
185.199.110.154
https://github.githubassets.com/assets/illu-copilot-editor-6474457a5b19.png
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e.js
185.199.110.154
https://github.githubassets.com/assets/hero-mobile-7163f4f5de41.webp
185.199.110.154
https://github.githubassets.com/assets/git-branch-security-2-f6a799957581.svg
185.199.110.154
https://github.githubassets.com/assets/illu-projects-2-26077f1dd188.png
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js
185.199.110.154
https://github.githubassets.com/assets/behaviors-b32b736e8b72.js
185.199.110.154
https://github.githubassets.com/assets/yyx990803-e11c7b140b17.jpeg
185.199.110.154
https://github.githubassets.com/assets/illu-codespaces-1d2d17e8b2b7.png
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js
185.199.110.154
https://github.githubassets.com/assets/directus-4da9e46da0ac.png
185.199.110.154
https://github.githubassets.com/assets/light-3e154969b9f9.css
185.199.110.154
https://github.githubassets.com/assets/github-elements-36d7dcef5a08.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c.js
185.199.110.154
https://github.githubassets.com/assets/shape-3-9e542b5c31b8.svg
185.199.110.154
https://github.githubassets.com/assets/illu-code-scanning-fc9dfb212aa3.png
185.199.110.154
https://github.githubassets.com/assets/footer-star-36e5b5724973.png
185.199.110.154
https://github.githubassets.com/assets/home-fa7c9cc8a53c.js
185.199.110.154
https://github.githubassets.com/assets/illu-discussions-2-b915a6dd867e.png
185.199.110.154
https://github.githubassets.com/assets/illu-pull-requests-2-280cc958fc05.png
185.199.110.154
https://github.githubassets.com/assets/sessions-f3ddee0032e4.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-9a8cd2-373766bf71f1.js
185.199.110.154
https://github.githubassets.com/assets/mercedes-fcf97d2d6ec4.svg
185.199.110.154
https://github.githubassets.com/assets/dayhaysoos-c50659cac73b.jpeg
185.199.110.154
https://github.githubassets.com/assets/shape-2-f30dcc9bd35c.svg
185.199.110.154
https://github.githubassets.com/assets/primer-primitives-4cf0d59ab51a.css
185.199.110.154
https://github.githubassets.com/assets/thumbnail-31b2a20df6fc.png
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-eb9d54-74622d897749.js
185.199.110.154
https://github.githubassets.com/assets/illu-dependabot-d98c73cc6724.png
185.199.110.154
https://github.com/
140.82.121.4
https://github.githubassets.com/assets/pg-f1f19955c4e4.svg
185.199.110.154
https://github.githubassets.com/assets/wp-runtime-f35b332dbe90.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-6b2a62-6fef0f2ad42a.js
185.199.110.154
https://github.githubassets.com/assets/git-branch-collaboration-2-e46b1fb1d363.svg
185.199.110.154
https://github.githubassets.com/assets/3m-0151c2fda0ce.svg
185.199.110.154
https://github.githubassets.com/assets/telus-df0c2109df99.svg
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-f36ad879d477.js
185.199.110.154
https://github.githubassets.com/assets/shape-1-c219318e479a.svg
185.199.110.154
https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js
185.199.110.154
https://github.githubassets.com/assets/primer-fefb1a332c28.css
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-e39b44f27fbb.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f4b251-f7c3b6081b19.js
185.199.110.154
https://github.githubassets.com/assets/globe-d6f3f4ee645a.jpg
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e.js
185.199.110.154
https://github.githubassets.com/assets/environment-2f240f7ed1b3.js
185.199.110.154
https://github.githubassets.com/assets/github-6da540aa3f84.css
185.199.110.154
https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-3f4401350bd7.js
185.199.110.154
https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-6faacedf87fe.js
185.199.110.154
https://github.githubassets.com/assets/keyboard-shortcuts-dialog-3d3b90edc171.js
185.199.110.154
https://github.githubassets.com/assets/vendors-node_modules_github_webgl-globe_dist_js_main_js-7ace716f3606.js
185.199.110.154
https://github.githubassets.com/assets/marketing-872ff8663359.js
185.199.110.154
https://github.githubassets.com/assets/hero-desktop-a38b0fd77b6c.webp
185.199.110.154
https://github.githubassets.com/assets/site-fbd7cf8f6ba2.css
185.199.110.154
https://github.githubassets.com/assets/footer-orb-a0438104a7a2.png
185.199.110.154
https://github.githubassets.com/assets/illu-copilot-sidebar-3d2efb504577.png
185.199.110.154
https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-aeae6fcdf371.js
185.199.110.154
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
raw.githubusercontent.com
185.199.111.133
 malicious
github.com
140.82.121.4
github.githubassets.com
185.199.110.154
time.windows.com
unknown

IPs

IP
Domain
Country
Malicious
3.120.98.217
unknown
United States
malicious
185.199.111.133
raw.githubusercontent.com
Netherlands
malicious
140.82.121.4
github.com
United States
185.199.110.154
github.githubassets.com
Netherlands

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileDirectory
There are 6 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
7FF670A01000
unkown
page execute and read and write
 malicious
7FF77B681000
unkown
page execute and read and write
 malicious
7FF7B66F1000
unkown
page execute and read and write
 malicious
7FF601281000
unkown
page execute and read and write
 malicious
7FF6667F1000
unkown
page execute and read and write
 malicious
7FF74DF51000
unkown
page execute and read and write
 malicious
7FF781EE1000
unkown
page execute and read and write
 malicious
7FF699C11000
unkown
page execute and read and write
 malicious
7FF757761000
unkown
page execute and read and write
 malicious
7FF68B301000
unkown
page execute and read and write
 malicious
7FF7683D1000
unkown
page execute and read and write
 malicious
7FF7A5921000
unkown
page execute and read and write
 malicious
7FF62C3E1000
unkown
page execute and read and write
 malicious
7FF6C9F91000
unkown
page execute and read and write
 malicious
7FF7B8681000
unkown
page execute and read and write
 malicious
7FF7A86E1000
unkown
page execute and read and write
 malicious
7FF6BEA81000
unkown
page execute and read and write
 malicious
7FF7DC871000
unkown
page execute and read and write
 malicious
7FF6ACAF1000
unkown
page execute and read and write
 malicious
7FF6B3CD1000
unkown
page execute and read and write
 malicious
7FF654031000
unkown
page execute and read and write
 malicious
7FF7777F1000
unkown
page execute and read and write
 malicious
7FF7BBF71000
unkown
page execute and read and write
 malicious
7FF650B91000
unkown
page execute and read and write
 malicious
7FF61C861000
unkown
page execute and read and write
 malicious
7FF60FC21000
unkown
page execute and read and write
 malicious
7FF6A8DB1000
unkown
page execute and read and write
 malicious
7FF748321000
unkown
page execute and read and write
 malicious
7FF700A71000
unkown
page execute and read and write
 malicious
7FF67DBC1000
unkown
page execute and read and write
 malicious
7FF7C3B51000
unkown
page execute and read and write
 malicious
7FF6377F1000
unkown
page execute and read and write
 malicious
7FF6E04E1000
unkown
page execute and read and write
 malicious
7FF725C01000
unkown
page execute and read and write
 malicious
7FF6888B1000
unkown
page execute and read and write
 malicious
7FF602991000
unkown
page execute and read and write
 malicious
7FF795F21000
unkown
page execute and read and write
 malicious
7FF77C771000
unkown
page execute and read and write
 malicious
7FF60FFFB000
unkown
page execute and read and write
1E2F87A0000
heap
page read and write
2AB0B375000
heap
page read and write
2AB0DBA7000
heap
page read and write
203676E8000
direct allocation
page execute read
24DCA92B000
heap
page read and write
21B5F750000
heap
page read and write
7FF6A8DB0000
unkown
page readonly
2AB0C4DE000
heap
page read and write
1C41EFF0000
heap
page read and write
7FF601280000
unkown
page readonly
7FF7B8A71000
unkown
page write copy
7FF781EE0000
unkown
page readonly
2AB0978A000
heap
page read and write
1FDFAFFC000
heap
page read and write
7FF77CADD000
unkown
page execute and write copy
7FF7A86E0000
unkown
page readonly
7FF6CA36B000
unkown
page execute and read and write
2AB06DFE000
heap
page read and write
7FF60FC20000
unkown
page readonly
203675AC000
heap
page read and write
25B483F9000
heap
page read and write
7FF7C3F3D000
unkown
page execute and read and write
271E8260000
heap
page read and write
8EBCD7E000
unkown
page readonly
2E37901B000
heap
page read and write
7FF7C3B50000
unkown
page readonly
2831CFF000
stack
page read and write
7FF7C3F2B000
unkown
page execute and read and write
22E91030000
heap
page read and write
2AB0A462000
heap
page read and write
7FF6377F0000
unkown
page readonly
24C18AC0000
heap
page read and write
230309B0000
heap
page read and write
1FA9825B000
heap
page read and write
56576FC000
stack
page read and write
48105EC000
stack
page read and write
271EA244000
unkown
page read and write
18F4BCC000
stack
page read and write
7FF67DF2D000
unkown
page execute and write copy
28BEFC000
stack
page read and write
17E16B60000
heap
page read and write
7FF637BDD000
unkown
page execute and read and write
7FF654030000
unkown
page readonly
7FF777BCB000
unkown
page execute and read and write
54B16FC000
stack
page read and write
2AB0B258000
heap
page read and write
10EC0FF000
stack
page read and write
7FF637BDF000
unkown
page execute and write copy
7FF6A911D000
unkown
page execute and write copy
D261AFF000
stack
page read and write
1E8D0018000
direct allocation
page execute read
208A5340000
heap
page read and write
7FF795F20000
unkown
page readonly
7FF7A882B000
unkown
page execute and read and write
7FF781EE0000
unkown
page readonly
2AB06CE5000
heap
page read and write
7FF7578AB000
unkown
page execute and read and write
208A5388000
direct allocation
page execute read
7FF7B683B000
unkown
page execute and read and write
7FF7BC34B000
unkown
page execute and read and write
1FA25BB0000
direct allocation
page execute read
2AB0D3E7000
heap
page read and write
1E8CFC80000
heap
page read and write
7FF757B4D000
unkown
page execute and read and write
7FF7DC9BB000
unkown
page execute and read and write
203675A0000
heap
page read and write
249303F0000
heap
page read and write
271E9F80000
unkown
page read and write
271E8268000
heap
page read and write
199A8890000
heap
page read and write
7FF7A5A6B000
unkown
page execute and read and write
2AB07BCE000
heap
page read and write
1C704800000
heap
page read and write
2530D6AB000
heap
page read and write
2AB0D096000
heap
page read and write
2AB08AB3000
heap
page read and write
21B5F780000
direct allocation
page execute read
48109FF000
stack
page read and write
7FF6E062B000
unkown
page execute and read and write
25B483C0000
heap
page read and write
7FF699F7D000
unkown
page execute and write copy
2AB0E47D000
heap
page read and write
7FF7B6ADD000
unkown
page execute and read and write
208A5320000
heap
page read and write
271E9C33000
heap
page read and write
7FF650F6B000
unkown
page execute and read and write
5A6ECFC000
stack
page read and write
7FF74E33F000
unkown
page execute and write copy
271E8700000
unkown
page readonly
7FF69A001000
unkown
page read and write
1FA25B70000
heap
page read and write
23686430000
direct allocation
page execute read
22E92A10000
direct allocation
page execute read
2AB0D850000
heap
page read and write
249304B9000
heap
page read and write
1AB7C400000
heap
page read and write
2AB0B6CE000
heap
page read and write
7FF7A8AD1000
unkown
page write copy
2AB08128000
heap
page read and write
205B0980000
heap
page read and write
29471819000
heap
page read and write
1B6DCE40000
heap
page read and write
271EBFF0000
unkown
page readonly
2AB0A12B000
heap
page read and write
988B4FF000
stack
page read and write
203676A0000
heap
page read and write
7FF700E5F000
unkown
page execute and write copy
365A8FF000
stack
page read and write
7FF6C9F90000
unkown
page readonly
19A050E0000
heap
page read and write
7FF699C10000
unkown
page readonly
1B23AFE000
stack
page read and write
2AB079AC000
heap
page read and write
1D6F4029000
heap
page read and write
7FF7BC35D000
unkown
page execute and read and write
7FF61000F000
unkown
page execute and write copy
7FF666BCB000
unkown
page execute and read and write
975C0FE000
stack
page read and write
1FA98150000
heap
page read and write
7FF65441F000
unkown
page execute and write copy
271EA15A000
unkown
page read and write
2368647B000
heap
page read and write
7FF67DFB1000
unkown
page write copy
22E91250000
heap
page read and write
17E16A50000
heap
page read and write
18F4EFE000
stack
page read and write
2947181B000
heap
page read and write
7FF650CDB000
unkown
page execute and read and write
7FF79630D000
unkown
page execute and read and write
21B5F598000
heap
page read and write
271EA174000
unkown
page read and write
271E8201000
unkown
page readonly
7FF78224D000
unkown
page execute and write copy
7FF6B40C1000
unkown
page write copy
7FF78202B000
unkown
page execute and read and write
7FF68B6DB000
unkown
page execute and read and write
205B09E0000
heap
page read and write
2E378FD0000
heap
page read and write
1C41EFD0000
heap
page read and write
1C41F060000
heap
page read and write
7FF670D6D000
unkown
page execute and write copy
7FF6B3E1B000
unkown
page execute and read and write
7FF757B4F000
unkown
page execute and write copy
D3239FF000
stack
page read and write
28C13700000
heap
page read and write
7FF7DCC5D000
unkown
page execute and read and write
7FF77BA6F000
unkown
page execute and write copy
1D6F402B000
heap
page read and write
199A895B000
heap
page read and write
1D7691AB000
heap
page read and write
7FF61000D000
unkown
page execute and read and write
7FF62C3E0000
unkown
page readonly
8C2B2FF000
stack
page read and write
7FF7BBF70000
unkown
page readonly
22E91159000
heap
page read and write
7FF748320000
unkown
page readonly
7C352FC000
stack
page read and write
56578FF000
stack
page read and write
2E345320000
direct allocation
page execute read
1D7690A0000
heap
page read and write
1C41EFC0000
heap
page read and write
1E2F8A30000
heap
page read and write
7FF7A5D11000
unkown
page read and write
21B5F589000
heap
page read and write
7FF748711000
unkown
page write copy
7FF6ACAF0000
unkown
page readonly
1B003000000
heap
page read and write
7FF62C7BB000
unkown
page execute and read and write
249906D0000
heap
page read and write
7FF637B5D000
unkown
page execute and write copy
2530D6A9000
heap
page read and write
7FF61CC51000
unkown
page read and write
7FF65417B000
unkown
page execute and read and write
2AB09ABF000
heap
page read and write
7FF7A5C8D000
unkown
page execute and write copy
8C2AF2C000
stack
page read and write
21B5F7F0000
heap
page read and write
7FF725FDB000
unkown
page execute and read and write
29471810000
heap
page read and write
283192C000
stack
page read and write
7FF62C7D1000
unkown
page write copy
7FF6B3CD0000
unkown
page readonly
7FF6B3CD0000
unkown
page readonly
6E980FF000
stack
page read and write
2AB0B496000
heap
page read and write
B0053FE000
stack
page read and write
234F9E50000
heap
page read and write
1AB7C40C000
heap
page read and write
E55DFFE000
stack
page read and write
205B09EB000
heap
page read and write
7FF7A8ABB000
unkown
page execute and read and write
7FF77CB4B000
unkown
page execute and read and write
687F0FF000
stack
page read and write
7FF7DC870000
unkown
page readonly
2530D6A0000
heap
page read and write
7FF700E4B000
unkown
page execute and read and write
28C136E0000
heap
page read and write
2AB07DFF000
heap
page read and write
1B00300C000
heap
page read and write
7FF62C7D1000
unkown
page read and write
7FF670DEF000
unkown
page execute and write copy
7FF77CB61000
unkown
page read and write
2AB0F4E9000
heap
page read and write
2530D8D8000
direct allocation
page execute read
2AB0BF72000
heap
page read and write
7FF748320000
unkown
page readonly
2AB07ABB000
heap
page read and write
2831DFF000
stack
page read and write
24C188F0000
heap
page read and write
7FF6013CB000
unkown
page execute and read and write
2AB08676000
heap
page read and write
249303D0000
heap
page read and write
174FF170000
heap
page read and write
7FF7DCC5F000
unkown
page execute and write copy
271EA180000
unkown
page read and write
271E81C0000
unkown
page read and write
249304BB000
heap
page read and write
7FF7B8A6F000
unkown
page execute and write copy
7FF7B8A6D000
unkown
page execute and read and write
7FF6ACECB000
unkown
page execute and read and write
1D6F3FF0000
heap
page read and write
1FA89979000
heap
page read and write
199A88E0000
direct allocation
page execute read
203676E0000
direct allocation
page execute read
2AB0878E000
heap
page read and write
203677F0000
heap
page read and write
8EBCA7E000
unkown
page readonly
22E91150000
heap
page read and write
7FF688CA1000
unkown
page read and write
7FF7962FB000
unkown
page execute and read and write
7FF7BC0BB000
unkown
page execute and read and write
1FA89900000
heap
page read and write
7FF6A8DB0000
unkown
page readonly
2AB0EA1A000
heap
page read and write
7FF6667F0000
unkown
page readonly
7FF6CA37D000
unkown
page execute and read and write
1FDFAFB8000
direct allocation
page execute read
22E91110000
heap
page read and write
7FF7C3F41000
unkown
page read and write
271EA26B000
unkown
page read and write
365A6FC000
stack
page read and write
7FF757B3B000
unkown
page execute and read and write
25B48350000
heap
page read and write
6A57BDC000
stack
page read and write
7FF610011000
unkown
page read and write
7FF650B90000
unkown
page readonly
2AB0EB2A000
heap
page read and write
1E8CFCA9000
heap
page read and write
7FF6B40BD000
unkown
page execute and read and write
7FF6A919D000
unkown
page execute and read and write
23030A08000
direct allocation
page execute read
7FF602ADB000
unkown
page execute and read and write
7FF6BEA80000
unkown
page readonly
220D1779000
heap
page read and write
271EA266000
unkown
page read and write
2AB08CD7000
heap
page read and write
2AB0EC31000
heap
page read and write
2AB0E35A000
heap
page read and write
E1789FF000
stack
page read and write
21B5F788000
direct allocation
page execute read
54B17FF000
stack
page read and write
24DCA770000
heap
page read and write
7FF7687C1000
unkown
page write copy
28C13600000
heap
page read and write
1FA98380000
direct allocation
page execute read
7FF62C7CF000
unkown
page execute and write copy
7FF65440B000
unkown
page execute and read and write
2E3452F0000
heap
page read and write
D2619FF000
stack
page read and write
208A53B0000
heap
page read and write
7FF650F7F000
unkown
page execute and write copy
17E16B90000
direct allocation
page execute read
7FF61C860000
unkown
page readonly
E6B8B6C000
stack
page read and write
9EFB8FC000
stack
page read and write
1B0031F0000
heap
page read and write
6E97EFC000
stack
page read and write
7FF7A5920000
unkown
page readonly
24C18AF0000
heap
page read and write
7FF61CC4F000
unkown
page execute and write copy
174FF150000
heap
page read and write
271E80E0000
heap
page read and write
7FF725F6D000
unkown
page execute and write copy
2AB0E24E000
heap
page read and write
7FF65441D000
unkown
page execute and read and write
294717B0000
heap
page read and write
19B31719000
heap
page read and write
28C137E9000
heap
page read and write
21B5F560000
heap
page read and write
234F9E9B000
heap
page read and write
2AB0DA86000
heap
page read and write
1FA898F0000
heap
page read and write
1D7692D8000
direct allocation
page execute read
2AB0B8F7000
heap
page read and write
2E379000000
direct allocation
page execute read
944F9FC000
stack
page read and write
19A050F0000
heap
page read and write
17E16BF0000
heap
page read and write
220D19B0000
heap
page read and write
19B318B0000
heap
page read and write
24DCA929000
heap
page read and write
208A5370000
heap
page read and write
7FF602D6B000
unkown
page execute and read and write
23030A1B000
heap
page read and write
C6252FF000
stack
page read and write
7FF79628D000
unkown
page execute and write copy
7FF7B66F0000
unkown
page readonly
22E9115B000
heap
page read and write
7FF7C3F41000
unkown
page write copy
7FF7A8ACD000
unkown
page execute and read and write
2AB0A792000
heap
page read and write
7FF77C8BB000
unkown
page execute and read and write
1FA89930000
direct allocation
page execute read
7FF699FEB000
unkown
page execute and read and write
1FA98259000
heap
page read and write
1C7046E9000
heap
page read and write
7FF6B40BF000
unkown
page execute and write copy
271EA044000
unkown
page read and write
1FA25C40000
heap
page read and write
271EA2AC000
unkown
page read and write
7FF67DBC0000
unkown
page readonly
7FF6BEE71000
unkown
page write copy
9EFBAFF000
stack
page read and write
56577FF000
stack
page read and write
2AB07F0C000
heap
page read and write
7FF6E084D000
unkown
page execute and write copy
21B5F580000
heap
page read and write
7FF654421000
unkown
page read and write
975C1FE000
stack
page read and write
2AB07CD7000
heap
page read and write
1FA98388000
direct allocation
page execute read
28C137B0000
heap
page read and write
2AB0B7EC000
heap
page read and write
7FF6CA381000
unkown
page read and write
1D6F41F0000
heap
page read and write
7FF650B90000
unkown
page readonly
220D1650000
heap
page read and write
19A05310000
direct allocation
page execute read
7FF67DFAD000
unkown
page execute and read and write
7FF61CC51000
unkown
page write copy
7FF61CC4D000
unkown
page execute and read and write
2AB09EF6000
heap
page read and write
7FF666B5D000
unkown
page execute and write copy
1C41F020000
direct allocation
page execute read
1B6DCC59000
heap
page read and write
7FF7C3B50000
unkown
page readonly
1E2F8819000
heap
page read and write
1FDFAFB0000
direct allocation
page execute read
271EC010000
unkown
page readonly
8877DFF000
stack
page read and write
2AB0889A000
heap
page read and write
7FF77C770000
unkown
page readonly
1D7692D0000
direct allocation
page execute read
7FF650F7D000
unkown
page execute and read and write
29471B30000
heap
page read and write
1B003230000
heap
page read and write
7FF7A5CFB000
unkown
page execute and read and write
2AB07347000
heap
page read and write
7FF777B5D000
unkown
page execute and write copy
687F1FF000
stack
page read and write
6A57EFF000
stack
page read and write
2AB0EE61000
heap
page read and write
D3238FF000
stack
page read and write
7FF74E341000
unkown
page write copy
2AB0C08B000
heap
page read and write
24C188C0000
heap
page read and write
25B48380000
direct allocation
page execute read
2AB0B149000
heap
page read and write
7FF670A00000
unkown
page readonly
7FF725FED000
unkown
page execute and read and write
271E8240000
unkown
page readonly
271EA0A6000
unkown
page read and write
7FF6CA37F000
unkown
page execute and write copy
7FF6ACEDD000
unkown
page execute and read and write
2AB09237000
heap
page read and write
7FF725FEF000
unkown
page execute and write copy
2AB07455000
heap
page read and write
E6B8FFF000
stack
page read and write
7FF6B40C1000
unkown
page read and write
7FF7A8AD1000
unkown
page read and write
271E84F5000
heap
page read and write
7FF6E04E0000
unkown
page readonly
5A6EEFF000
stack
page read and write
7FF7822D1000
unkown
page read and write
7FF725C00000
unkown
page readonly
28C137EC000
heap
page read and write
6D592FF000
stack
page read and write
2AB0CB3C000
heap
page read and write
234F9E60000
heap
page read and write
1B237BC000
stack
page read and write
7FF666BDF000
unkown
page execute and write copy
1E2F8810000
heap
page read and write
6120FF000
stack
page read and write
2AB08BC3000
heap
page read and write
7FF6CA0DB000
unkown
page execute and read and write
1E8CFCAB000
heap
page read and write
7FF650EFD000
unkown
page execute and write copy
1C704600000
heap
page read and write
48108FF000
stack
page read and write
2AB089A2000
heap
page read and write
43863EC000
stack
page read and write
25B48330000
heap
page read and write
7FF6A918B000
unkown
page execute and read and write
7FF7822D1000
unkown
page write copy
1E2F87C0000
heap
page read and write
2AB0C5ED000
heap
page read and write
205B08A0000
heap
page read and write
6121FF000
stack
page read and write
1B6DCE60000
direct allocation
page execute read
1FA98250000
heap
page read and write
7FF725C00000
unkown
page readonly
B0052FC000
stack
page read and write
19A05129000
heap
page read and write
2AB0F1BF000
heap
page read and write
7FF60FD6B000
unkown
page execute and read and write
1D7693D0000
heap
page read and write
7FF6015ED000
unkown
page execute and write copy
7FF654030000
unkown
page readonly
1E8CFCB2000
heap
page read and write
7C354FE000
stack
page read and write
7FF6ACE5D000
unkown
page execute and write copy
1AB7C630000
direct allocation
page execute read
7FF725D4B000
unkown
page execute and read and write
7FF6BEE6F000
unkown
page execute and write copy
7FF68B300000
unkown
page readonly
7FF7BC361000
unkown
page read and write
1B6DCE68000
direct allocation
page execute read
2AB0D62F000
heap
page read and write
7FF7BBF70000
unkown
page readonly
7FF666BDD000
unkown
page execute and read and write
C6251FF000
stack
page read and write
2AB0A35A000
heap
page read and write
7FF6ACEE1000
unkown
page write copy
7FF725FF1000
unkown
page write copy
220D1880000
direct allocation
page execute read
7FF77CB5D000
unkown
page execute and read and write
7FF62C74D000
unkown
page execute and write copy
2E378ED0000
heap
page read and write
271EC020000
unkown
page read and write
7FF650F81000
unkown
page write copy
7FF637BCB000
unkown
page execute and read and write
271EA224000
unkown
page read and write
271E80D0000
unkown
page readonly
7FF688C1D000
unkown
page execute and write copy
7FF77B680000
unkown
page readonly
1E8CFCA0000
heap
page read and write
1B23BFF000
stack
page read and write
208A53BB000
heap
page read and write
271E8230000
unkown
page read and write
203676C0000
heap
page read and write
E90D6FC000
stack
page read and write
2AB09BCA000
heap
page read and write
220D1730000
heap
page read and write
28C0FE000
stack
page read and write
2AB0712B000
heap
page read and write
2E379008000
direct allocation
page execute read
29471808000
direct allocation
page execute read
7FF61CC3B000
unkown
page execute and read and write
7FF74E32B000
unkown
page execute and read and write
13E598D0000
heap
page read and write
7FF7A5D0D000
unkown
page execute and read and write
2E345328000
direct allocation
page execute read
1FA89938000
direct allocation
page execute read
7FF700E5D000
unkown
page execute and read and write
7FF601671000
unkown
page read and write
1D7692A0000
heap
page read and write
24990738000
direct allocation
page execute read
1B6DCE20000
heap
page read and write
7FF79630F000
unkown
page execute and write copy
174FF070000
heap
page read and write
8EBCBFC000
unkown
page read and write
19B3171C000
heap
page read and write
7FF602990000
unkown
page readonly
2AB0E59C000
heap
page read and write
19B31810000
heap
page read and write
24C1A2A8000
direct allocation
page execute read
23030A00000
direct allocation
page execute read
7FF699D5B000
unkown
page execute and read and write
F8489FF000
stack
page read and write
220D1888000
direct allocation
page execute read
2AB07679000
heap
page read and write
7FF74870F000
unkown
page execute and write copy
2AB0CF8F000
heap
page read and write
944FDFF000
stack
page read and write
1C705FE0000
direct allocation
page execute read
7FF777BDF000
unkown
page execute and write copy
249907A0000
heap
page read and write
2AB0BB18000
heap
page read and write
1B003009000
heap
page read and write
2AB07785000
heap
page read and write
23686470000
heap
page read and write
2AB0BE64000
heap
page read and write
29471800000
direct allocation
page execute read
2AB07898000
heap
page read and write
7FF69A001000
unkown
page write copy
7FF67C7F1000
unkown
page write copy
988B2FC000
stack
page read and write
7FF7B8A5B000
unkown
page execute and read and write
7FF7C3EBD000
unkown
page execute and write copy
7FF602990000
unkown
page readonly
7FF757ACD000
unkown
page execute and write copy
2AB06F05000
heap
page read and write
7FF700A70000
unkown
page readonly
24930428000
direct allocation
page execute read
7FF77C770000
unkown
page readonly
7FF757760000
unkown
page readonly
EFD79AC000
stack
page read and write
7FF7B66F0000
unkown
page readonly
7FF77BA71000
unkown
page write copy
236863E0000
heap
page read and write
7FF6ACAF0000
unkown
page readonly
1FA25B90000
heap
page read and write
17E16B70000
heap
page read and write
2AB0DDD7000
heap
page read and write
7FF74846B000
unkown
page execute and read and write
7FF7A8ACF000
unkown
page execute and write copy
7FF6888B0000
unkown
page readonly
174FF648000
direct allocation
page execute read
7FF7B87CB000
unkown
page execute and read and write
174FF1B9000
heap
page read and write
7FF65439D000
unkown
page execute and write copy
7FF77CB5F000
unkown
page execute and write copy
208A53B9000
heap
page read and write
E178AFF000
stack
page read and write
1FA25980000
heap
page read and write
249907AB000
heap
page read and write
2AB09344000
heap
page read and write
944FCFF000
stack
page read and write
E90D7FE000
stack
page read and write
2AB0CC48000
heap
page read and write
1B002FE0000
heap
page read and write
2AB0D50F000
heap
page read and write
2AB0C6FB000
heap
page read and write
1FA898D0000
heap
page read and write
234F9E80000
heap
page read and write
24DCA8A8000
direct allocation
page execute read
8C2B3FF000
stack
page read and write
19B31868000
direct allocation
page execute read
19A05440000
heap
page read and write
8EBC81C000
unkown
page read and write
2AB0B02D000
heap
page read and write
1E2F87F0000
direct allocation
page execute read
3A05FCC000
stack
page read and write
23686479000
heap
page read and write
203674B0000
heap
page read and write
174FF640000
direct allocation
page execute read
365A7FF000
stack
page read and write
7FF670DDB000
unkown
page execute and read and write
B708F1C000
stack
page read and write
7FF60FC20000
unkown
page readonly
C6250FC000
stack
page read and write
7FF700E61000
unkown
page read and write
2AB07016000
heap
page read and write
2AB0A8A8000
heap
page read and write
19A05120000
heap
page read and write
1D6F4000000
heap
page read and write
23686780000
heap
page read and write
7FF6A91A1000
unkown
page write copy
7FF6888B0000
unkown
page readonly
2E345109000
heap
page read and write
7FF7BC35F000
unkown
page execute and write copy
EFD7DFF000
stack
page read and write
8877CFE000
stack
page read and write
7FF795F20000
unkown
page readonly
7FF7DCC61000
unkown
page read and write
1B6DCC30000
heap
page read and write
7FF77B7CB000
unkown
page execute and read and write
2AB0B5BB000
heap
page read and write
7FF62C7CD000
unkown
page execute and read and write
7FF688C8B000
unkown
page execute and read and write
3A062FE000
stack
page read and write
2E379019000
heap
page read and write
2E3450F0000
heap
page read and write
1AB7C600000
heap
page read and write
271EA580000
unkown
page readonly
271EA0F0000
unkown
page read and write
2AB0ABE6000
heap
page read and write
7FF74868D000
unkown
page execute and write copy
199A8950000
heap
page read and write
2530D9C0000
heap
page read and write
1B003210000
direct allocation
page execute read
2AB0ED51000
heap
page read and write
8EBC81E000
unkown
page read and write
2AB099A5000
heap
page read and write
1C7046EB000
heap
page read and write
2AB0C2A0000
heap
page read and write
205B09E9000
heap
page read and write
1D769180000
heap
page read and write
7FF650F81000
unkown
page read and write
23030A10000
heap
page read and write
7FF601280000
unkown
page readonly
1FA259A0000
heap
page read and write
7FF725FF1000
unkown
page read and write
7FF7A86E0000
unkown
page readonly
7FF637BE1000
unkown
page read and write
2AB0989B000
heap
page read and write
271E9BFE000
unkown
page read and write
7FF68B6F1000
unkown
page read and write
203675A9000
heap
page read and write
2AB0C912000
heap
page read and write
7FF7687BD000
unkown
page execute and read and write
7FF602D7F000
unkown
page execute and write copy
2AB0F3DB000
heap
page read and write
2AB0C19B000
heap
page read and write
19B31630000
heap
page read and write
7FF7A8A4D000
unkown
page execute and write copy
7FF77CB61000
unkown
page write copy
7FF6BEE6D000
unkown
page execute and read and write
28BFFE000
stack
page read and write
25B48320000
heap
page read and write
7FF7A5D0F000
unkown
page execute and write copy
2E34510C000
heap
page read and write
2AB09CD2000
heap
page read and write
1FA259AB000
heap
page read and write
1C41F06B000
heap
page read and write
7FF6CA2FD000
unkown
page execute and write copy
7FF68B300000
unkown
page readonly
7FF7B6ADF000
unkown
page execute and write copy
7FF66693B000
unkown
page execute and read and write
1D6F4020000
heap
page read and write
7FF670DF1000
unkown
page read and write
7FF602D7D000
unkown
page execute and read and write
24930720000
heap
page read and write
7FF61CBCD000
unkown
page execute and write copy
271EA17A000
unkown
page read and write
7FF7B6AE1000
unkown
page write copy
1AB7C638000
direct allocation
page execute read
43867FF000
stack
page read and write
21B5F550000
heap
page read and write
2AB0AACB000
heap
page read and write
205B09D8000
direct allocation
page execute read
7FF6E08CF000
unkown
page execute and write copy
8EBC6DE000
stack
page read and write
2AB06BD0000
heap
page read and write
2AB0AE08000
heap
page read and write
1FDFAF60000
heap
page read and write
208A5310000
heap
page read and write
7FF796311000
unkown
page read and write
220D1770000
heap
page read and write
7FF67C400000
unkown
page readonly
7FF6377F0000
unkown
page readonly
7FF68B6ED000
unkown
page execute and read and write
2AB0E7D5000
heap
page read and write
2AB0A575000
heap
page read and write
B0054FF000
stack
page read and write
7FF60165B000
unkown
page execute and read and write
7FF76851B000
unkown
page execute and read and write
54B18FF000
stack
page read and write
2AB0D977000
heap
page read and write
24990730000
direct allocation
page execute read
2AB09019000
heap
page read and write
7FF7C3F3F000
unkown
page execute and write copy
2E378FB0000
heap
page read and write
13E59A8B000
heap
page read and write
1E8CFC50000
heap
page read and write
271EA1E2000
unkown
page read and write
7FF688CA1000
unkown
page write copy
234FB838000
direct allocation
page execute read
25B483F0000
heap
page read and write
2AB0F092000
heap
page read and write
2AB0845D000
heap
page read and write
7FF7B8A71000
unkown
page read and write
1FDFAFF9000
heap
page read and write
7FF700BBB000
unkown
page execute and read and write
7FF77793B000
unkown
page execute and read and write
2AB0CA25000
heap
page read and write
7FF74DF50000
unkown
page readonly
7FF6E08D1000
unkown
page read and write
7FF666BE1000
unkown
page read and write
28C13730000
direct allocation
page execute read
1D6F4220000
direct allocation
page execute read
7FF6BEBCB000
unkown
page execute and read and write
7FF60166D000
unkown
page execute and read and write
7FF699FFF000
unkown
page execute and write copy
230309D0000
heap
page read and write
7FF60166F000
unkown
page execute and write copy
7FF6ACEDF000
unkown
page execute and write copy
2AB0723E000
heap
page read and write
2AB09459000
heap
page read and write
2AB08EF0000
heap
page read and write
7FF7777F0000
unkown
page readonly
67188FE000
stack
page read and write
E1788FC000
stack
page read and write
24DCA850000
heap
page read and write
1D6F4228000
direct allocation
page execute read
7FF7B6A5D000
unkown
page execute and write copy
1B0031D0000
heap
page read and write
2AB0EF7B000
heap
page read and write
249302F0000
heap
page read and write
7FF74870D000
unkown
page execute and read and write
271E84F0000
heap
page read and write
1FA98350000
heap
page read and write
6D593FF000
stack
page read and write
24C188F9000
heap
page read and write
2AB0C803000
heap
page read and write
2AB0E8FF000
heap
page read and write
7FF6889FB000
unkown
page execute and read and write
7FF670A00000
unkown
page readonly
7FF68B6F1000
unkown
page write copy
1E2F881C000
heap
page read and write
2530D7A0000
heap
page read and write
7FF6BEE71000
unkown
page read and write
19B31860000
direct allocation
page execute read
2E3452D0000
heap
page read and write
220D1750000
heap
page read and write
1FA98230000
heap
page read and write
1FDFAF80000
heap
page read and write
17E16B30000
heap
page read and write
24930420000
direct allocation
page execute read
1C41F07D000
heap
page read and write
7FF757B51000
unkown
page write copy
1E8D0040000
heap
page read and write
271E81E0000
unkown
page read and write
7FF77B9ED000
unkown
page execute and write copy
199A8B90000
heap
page read and write
687ED3C000
stack
page read and write
17E16BF9000
heap
page read and write
7FF77BA71000
unkown
page read and write
5A6EDFF000
stack
page read and write
2AB0E6B6000
heap
page read and write
2530D8D0000
direct allocation
page execute read
D32351C000
stack
page read and write
21B5F58B000
heap
page read and write
7FF79606B000
unkown
page execute and read and write
7FF6A919F000
unkown
page execute and write copy
2AB0BD54000
heap
page read and write
2AB08015000
heap
page read and write
22E92A18000
direct allocation
page execute read
7FF700A70000
unkown
page readonly
2E345100000
heap
page read and write
2AB0F608000
heap
page read and write
271E9C30000
heap
page read and write
7FF7C3C9B000
unkown
page execute and read and write
8EBCC7E000
unkown
page readonly
1FA98420000
heap
page read and write
1D6F4290000
heap
page read and write
234F9E99000
heap
page read and write
2AB0D2CE000
heap
page read and write
6D58FBC000
stack
page read and write
7FF67DFAF000
unkown
page execute and write copy
1C704830000
heap
page read and write
234F9E90000
heap
page read and write
988B3FF000
stack
page read and write
234FA060000
heap
page read and write
1E8D0010000
direct allocation
page execute read
7C353FE000
stack
page read and write
230308D0000
heap
page read and write
1C41F030000
heap
page read and write
19B31830000
heap
page read and write
2AB0DEFF000
heap
page read and write
24DCA8A0000
direct allocation
page execute read
1FA259A9000
heap
page read and write
271EC120000
unkown
page read and write
3A063FF000
stack
page read and write
24DCAB00000
heap
page read and write
7FF6E08CD000
unkown
page execute and read and write
C5387EC000
stack
page read and write
7FF6B403D000
unkown
page execute and write copy
199A88B0000
heap
page read and write
7FF666BE1000
unkown
page write copy
7FF6E04E0000
unkown
page readonly
7FF67DBC0000
unkown
page readonly
E55DEFC000
stack
page read and write
E6B8EFE000
stack
page read and write
2AB09564000
heap
page read and write
7FF602D81000
unkown
page read and write
1E2F87F8000
direct allocation
page execute read
7FF63793B000
unkown
page execute and read and write
7FF61C9AB000
unkown
page execute and read and write
2AB0AF1E000
heap
page read and write
24C188D0000
heap
page read and write
7FF6B40AB000
unkown
page execute and read and write
7FF7683D0000
unkown
page readonly
67187FE000
stack
page read and write
7FF602D81000
unkown
page write copy
249906E0000
heap
page read and write
7FF670DF1000
unkown
page write copy
7FF777BDD000
unkown
page execute and read and write
2AB0D1A1000
heap
page read and write
13E59A89000
heap
page read and write
7FF67C76D000
unkown
page execute and write copy
174FF1B0000
heap
page read and write
2AB0CD64000
heap
page read and write
7FF60FF8D000
unkown
page execute and write copy
1FDFAFF0000
heap
page read and write
7FF7B8680000
unkown
page readonly
271EA68E000
unkown
page read and write
24DCA920000
heap
page read and write
2AB0823A000
heap
page read and write
2AB0A23C000
heap
page read and write
1FA897F0000
heap
page read and write
7FF6A8EFB000
unkown
page execute and read and write
2AB09125000
heap
page read and write
7FF77BA5B000
unkown
page execute and read and write
1E8CFC60000
heap
page read and write
EFD7CFF000
stack
page read and write
97394FF000
stack
page read and write
7FF62C52B000
unkown
page execute and read and write
7FF74E09B000
unkown
page execute and read and write
7FF74E33D000
unkown
page execute and read and write
271EA2A8000
unkown
page read and write
7FF777BE1000
unkown
page read and write
13E59CE0000
heap
page read and write
199A88E8000
direct allocation
page execute read
2AB0BC34000
heap
page read and write
7FF68B6EF000
unkown
page execute and write copy
2AB09676000
heap
page read and write
249907A9000
heap
page read and write
1C7047E0000
heap
page read and write
2AB07566000
heap
page read and write
7FF7DCBDD000
unkown
page execute and write copy
7FF77BA6D000
unkown
page execute and read and write
7FF777BE1000
unkown
page write copy
97392FC000
stack
page read and write
C538BFF000
stack
page read and write
6A57FFF000
stack
page read and write
7FF7687C1000
unkown
page read and write
B7093FF000
stack
page read and write
7FF637BE1000
unkown
page write copy
208A5380000
direct allocation
page execute read
7FF6BEA80000
unkown
page readonly
17E16BFB000
heap
page read and write
7FF6C9F90000
unkown
page readonly
24DCA870000
heap
page read and write
2AB0C3B3000
heap
page read and write
205B09A0000
heap
page read and write
7FF7DCC61000
unkown
page write copy
6E97FFF000
stack
page read and write
24C188FB000
heap
page read and write
1B003218000
direct allocation
page execute read
1C41F028000
direct allocation
page execute read
7FF796311000
unkown
page write copy
7FF7822CD000
unkown
page execute and read and write
7FF7822BB000
unkown
page execute and read and write
7FF670B4B000
unkown
page execute and read and write
7FF68B44B000
unkown
page execute and read and write
67186FC000
stack
page read and write
7FF7BC2DD000
unkown
page execute and write copy
7FF700E61000
unkown
page write copy
249304B0000
heap
page read and write
1E2F86C0000
heap
page read and write
C538AFE000
stack
page read and write
1AB7C500000
heap
page read and write
88779DC000
stack
page read and write
7FF6667F0000
unkown
page readonly
7FF7A5920000
unkown
page readonly
19B31710000
heap
page read and write
7FF6ACC3B000
unkown
page execute and read and write
7FF7BC361000
unkown
page write copy
2AB0A00E000
heap
page read and write
7FF748711000
unkown
page read and write
22E91140000
heap
page read and write
7FF7B8680000
unkown
page readonly
7FF7687AB000
unkown
page execute and read and write
7FF6CA381000
unkown
page write copy
174FF190000
heap
page read and write
10EBFFE000
stack
page read and write
43866FF000
stack
page read and write
7FF699FFD000
unkown
page execute and read and write
271EA870000
unkown
page read and write
7FF7A5D11000
unkown
page write copy
1AB7C5E0000
heap
page read and write
2AB0CE75000
heap
page read and write
7FF6A91A1000
unkown
page read and write
2AB08DE5000
heap
page read and write
7FF68B66D000
unkown
page execute and write copy
7FF67DD0B000
unkown
page execute and read and write
1C7046E0000
heap
page read and write
7FF7486FB000
unkown
page execute and read and write
234FB830000
direct allocation
page execute read
7FF757760000
unkown
page readonly
2AB08569000
heap
page read and write
7FF699C10000
unkown
page readonly
2AB09DE3000
heap
page read and write
2AB0DCCA000
heap
page read and write
2AB0E01E000
heap
page read and write
1B6DCC50000
heap
page read and write
28C137E0000
heap
page read and write
8EBC7DE000
stack
page read and write
8EBC81A000
unkown
page read and write
220D177B000
heap
page read and write
F848AFF000
stack
page read and write
199A8959000
heap
page read and write
7FF7B6AE1000
unkown
page read and write
236863D0000
heap
page read and write
7FF6ACEE1000
unkown
page read and write
2AB0BA0A000
heap
page read and write
13E59A08000
direct allocation
page execute read
D2618FC000
stack
page read and write
7FF7DC870000
unkown
page readonly
7FF6E08BB000
unkown
page execute and read and write
7FF74E2BD000
unkown
page execute and write copy
23030A19000
heap
page read and write
2E379010000
heap
page read and write
B7092FE000
stack
page read and write
13E59A80000
heap
page read and write
7FF6E08D1000
unkown
page write copy
97393FE000
stack
page read and write
1AB7C780000
heap
page read and write
271E84FB000
heap
page read and write
975BD7C000
stack
page read and write
23686400000
heap
page read and write
E90D8FE000
stack
page read and write
2AB0A9B5000
heap
page read and write
24C1A2A0000
direct allocation
page execute read
7FF601671000
unkown
page write copy
E55E0FF000
stack
page read and write
2AB0F2C6000
heap
page read and write
2530D8A0000
heap
page read and write
7FF77B680000
unkown
page readonly
1FDFAF50000
heap
page read and write
7FF7822CF000
unkown
page execute and write copy
2E3791A0000
heap
page read and write
7FF7687BF000
unkown
page execute and write copy
7FF688C9D000
unkown
page execute and read and write
2AB0ACFC000
heap
page read and write
23686438000
direct allocation
page execute read
7FF670DED000
unkown
page execute and read and write
17E16B98000
direct allocation
page execute read
13E599D0000
heap
page read and write
18F4FFF000
stack
page read and write
7FF610011000
unkown
page write copy
294717D0000
heap
page read and write
199A87B0000
heap
page read and write
1FDFB3B0000
heap
page read and write
1FA25BB8000
direct allocation
page execute read
7FF7DCC4B000
unkown
page execute and read and write
9EFB9FF000
stack
page read and write
7FF700DDD000
unkown
page execute and write copy
19A052F0000
heap
page read and write
1C705FE8000
direct allocation
page execute read
7FF7B89ED000
unkown
page execute and write copy
25B48388000
direct allocation
page execute read
611D6C000
stack
page read and write
7FF602CFD000
unkown
page execute and write copy
1B6DCC5B000
heap
page read and write
13E599B0000
heap
page read and write
7FF62C3E0000
unkown
page readonly
294717A0000
heap
page read and write
271EA2F2000
heap
page read and write
7FF654421000
unkown
page write copy
7FF7683D0000
unkown
page readonly
10EBEFC000
stack
page read and write
28C13738000
direct allocation
page execute read
7FF67DF9B000
unkown
page execute and read and write
1B6DCF90000
heap
page read and write
2530D880000
heap
page read and write
19A05318000
direct allocation
page execute read
2E345490000
heap
page read and write
7FF61C860000
unkown
page readonly
7FF688C9F000
unkown
page execute and write copy
1AB7C409000
heap
page read and write
1D7691A0000
heap
page read and write
271EC920000
unkown
page read and write
1FA89970000
heap
page read and write
F8488FC000
stack
page read and write
2AB0E134000
heap
page read and write
7FF7B6ACB000
unkown
page execute and read and write
25B483FB000
heap
page read and write
7FF6BEE5B000
unkown
page execute and read and write
205B09D0000
direct allocation
page execute read
7FF6BEDED000
unkown
page execute and write copy
24990AE0000
heap
page read and write
205B0B30000
heap
page read and write
1FA8997B000
heap
page read and write
7FF67DFB1000
unkown
page read and write
2AB0D73C000
heap
page read and write
24990700000
heap
page read and write
7FF757B51000
unkown
page read and write
2AB08348000
heap
page read and write
174FF1BC000
heap
page read and write
1D7691A9000
heap
page read and write
271E9FE2000
unkown
page read and write
19A0512C000
heap
page read and write
13E59A00000
direct allocation
page execute read
7FF74DF50000
unkown
page readonly
7FF74E341000
unkown
page read and write
7FF76873D000
unkown
page execute and write copy
23030CC0000
heap
page read and write
8EBCCFB000
unkown
page read and write
2AB0A682000
heap
page read and write
7FF7777F0000
unkown
page readonly
271E9B10000
unkown
page read and write
There are 1012 hidden memdumps, click here to show them.