Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
psol.txt.ps1
|
ASCII text
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Extracted1\Register.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\._setup.exe
|
AppleDouble encoded Macintosh file
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\libvlccore.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\x64\AdonisUI.ClassicTheme.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\x64\AdonisUI.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\x64\SQLite.Interop.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\x86\BouncyCastle.Crypto.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\x86\SQLite.Interop.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Register.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\libvlccore.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\rtl120.bpl
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\setup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lawaq4la.agj.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lkzobuuj.vzg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\._Register.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\._carferry.flv
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\._libvlccore.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\._resource_
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\._CMap
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\._Font
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\._Register.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\._carferry.flv
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\._glioma.asp
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\._libvlccore.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\._resources.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\._rtl120.bpl
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\CMap\._Identity-H
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\CMap\._Identity-V
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\CMap\._UCS2-GBK-EUC
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\CMap\._UniKS-UTF16-H
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\CMap\._UniKS-UTF16-V
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._AdobePIStd.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._CourierStd-Bold.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._CourierStd-BoldOblique.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._CourierStd-Oblique.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._CourierStd.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._MinionPro-Bold.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._MinionPro-BoldIt.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._MinionPro-It.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._MinionPro-Regular.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._MyriadPro-Bold.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._MyriadPro-BoldIt.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._MyriadPro-It.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._MyriadPro-Regular.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._Pfm
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._SY______.PFB
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._ZX______.PFB
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\._ZY______.PFB
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._CMap
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._Font
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._Locals
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._SY______.PFM
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._SaslPrep
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._TypeSupport
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._opengl64.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._resources.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._zx______.pfm
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\._zy______.pfm
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\CMap\._Identity-H
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\CMap\._Identity-V
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\CMap\._UCS2-GBK-EUC
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\CMap\._UniKS-UTF16-H
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\CMap\._UniKS-UTF16-V
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._AdobePIStd.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._CourierStd-Bold.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._CourierStd-BoldOblique.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._CourierStd-Oblique.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._CourierStd.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._MinionPro-Bold.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._MinionPro-BoldIt.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._MinionPro-It.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._MinionPro-Regular.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._MyriadPro-Bold.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._MyriadPro-BoldIt.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._MyriadPro-It.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._MyriadPro-Regular.otf
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._Pfm
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._SY______.PFB
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._ZX______.PFB
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\._ZY______.PFB
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\Pfm\._SY______.PFM
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\Pfm\._zx______.pfm
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Font\Pfm\._zy______.pfm
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._am.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._ar.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._fi.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._fil.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._fr.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._gu.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._he.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._hi.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._hr.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._hu.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._id.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._lt.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._lv.pak
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._x64
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\._x86
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\x64\._AdonisUI.ClassicTheme.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\x64\._AdonisUI.ClassicTheme.xml
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\x64\._AdonisUI.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\x64\._AdonisUI.xml
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\x64\._SQLite.Interop.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\x86\._BouncyCastle.Crypto.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\x86\._BouncyCastle.Crypto.xml
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\Locals\x86\._SQLite.Interop.dll
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\SaslPrep\._SaslPrepProfile_norm_bidi.spp
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\._Unicode
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\._ICU
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\._Mappings
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\ICU\._icudt26l.dat
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\._Adobe
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\._Mac
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\._win
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Adobe\._symbol.txt
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Adobe\._zdingbat.txt
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._CENTEURO.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._CORPCHAR.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._CROATIAN.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._CYRILLIC.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._GREEK.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._ICELAND.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._ROMAN.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._ROMANIAN.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._SYMBOL.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._TURKISH.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\._UKRAINE.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\._CP1250.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\._CP1251.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\._CP1252.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\._CP1253.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\._CP1254.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\._CP1257.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\__MACOSX\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\._CP1258.TXT
|
AppleDouble encoded Macintosh file
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\carferry.flv
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\CMap\Identity-H
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\CMap\Identity-V
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\CMap\UCS2-GBK-EUC
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\CMap\UniKS-UTF16-H
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\CMap\UniKS-UTF16-V
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\AdobePIStd.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\CourierStd-Bold.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\CourierStd-BoldOblique.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\CourierStd-Oblique.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\CourierStd.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\MinionPro-Bold.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\MinionPro-BoldIt.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\MinionPro-It.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\MinionPro-Regular.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\MyriadPro-Bold.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\MyriadPro-BoldIt.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\MyriadPro-It.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\MyriadPro-Regular.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\CMap\Identity-H
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\CMap\Identity-V
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\CMap\UCS2-GBK-EUC
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\CMap\UniKS-UTF16-H
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\CMap\UniKS-UTF16-V
|
PostScript document text conforming DSC level 3.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\AdobePIStd.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\CourierStd-Bold.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\CourierStd-BoldOblique.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\CourierStd-Oblique.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\CourierStd.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\MinionPro-Bold.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\MinionPro-BoldIt.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\MinionPro-It.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\MinionPro-Regular.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\MyriadPro-Bold.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\MyriadPro-BoldIt.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\MyriadPro-It.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\MyriadPro-Regular.otf
|
OpenType font data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\Pfm\SY______.PFM
|
Printer Font Metrics Symbol, 672 bytes, Symbol
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\Pfm\zx______.pfm
|
Printer Font Metrics AdobeSansMM, 683 bytes, AdobeSanMM
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\Pfm\zy______.pfm
|
Printer Font Metrics AdobeSerifMM, 684 bytes, AdobeSerMM serif proportional
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\SY______.PFB
|
PostScript Type 1 font program data (Symbol 001.008)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\ZX______.PFB
|
PostScript Type 1 font program data (AdobeSansMM 001.002)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Font\ZY______.PFB
|
PostScript Type 1 font program data (AdobeSerifMM 001.003)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\am.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\ar.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\fi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\fil.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\fr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\gu.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\he.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\hi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\hr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\hu.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\id.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\lt.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\lv.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\x64\AdonisUI.ClassicTheme.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\x64\AdonisUI.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\Locals\x86\BouncyCastle.Crypto.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\SY______.PFM
|
Printer Font Metrics Symbol, 672 bytes, Symbol
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\SaslPrep\SaslPrepProfile_norm_bidi.spp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\ICU\icudt26l.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Adobe\symbol.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\CP1250.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\CP1251.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\CP1252.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\CP1253.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\CP1254.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\CP1257.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\TypeSupport\Unicode\Mappings\win\CP1258.TXT
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\opengl64.dll
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\resources.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\zx______.pfm
|
Printer Font Metrics AdobeSansMM, 683 bytes, AdobeSanMM
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\Pfm\zy______.pfm
|
Printer Font Metrics AdobeSerifMM, 684 bytes, AdobeSerMM serif proportional
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\SY______.PFB
|
PostScript Type 1 font program data (Symbol 001.008)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\ZX______.PFB
|
PostScript Type 1 font program data (AdobeSansMM 001.002)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\Font\ZY______.PFB
|
PostScript Type 1 font program data (AdobeSerifMM 001.003)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\carferry.flv
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\glioma.asp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Extracted1\resource_\resources.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\V6IVYMX5XPK2CUAF6PWT.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\pwrd.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
There are 222 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\psol.txt.ps1"
|
|
|
|
C:\Users\user\AppData\Roaming\Extracted1\setup.exe
|
"C:\Users\user\AppData\Roaming\Extracted1\setup.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://community.fastly.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
|
unknown
|
||
|
https://player.vimeo.com
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/css/promo/summer2017/stickers.css?v=Ncr6N09yZIap&
|
unknown
|
||
|
https://p10tgrace.sbs:443/api
|
unknown
|
||
|
https://steamcommunity.com/?subsection=broadcasts
|
unknown
|
||
|
https://support.google.com/chrome/answer/6098869
|
unknown
|
||
|
http://ocsps.ssl.com0?
|
unknown
|
||
|
http://www.ssl.com/repository/SSLcomRootCertificationAuthorityRSA.crt0
|
unknown
|
||
|
http://tieba.baidu.com/f/commit/share/openShareApi?url=https://www.wisecleaner.com.cn
|
unknown
|
||
|
https://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?url=https%3A%2F%2Fwww.wisecleaner.com.cn
|
unknown
|
||
|
https://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://www.gstatic.cn/recaptcha/
|
unknown
|
||
|
http://www.thomaslevesque.com/2009/03/27/wpf-automatically-sort-a-gridview-when-a-column-header-is-c
|
unknown
|
||
|
http://sslcom.crl.certum.pl/ctnca.crl0s
|
unknown
|
||
|
http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl0
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer0_
|
unknown
|
||
|
http://crbug.com/510270
|
unknown
|
||
|
https://marshal-zhukov.com/apie;
|
unknown
|
||
|
peepburry828.sbs
|
|||
|
http://www.valvesoftware.com/legal.htm
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/shared/css/shared_global.css?v=wuA4X_n5-mo0&l=en
|
unknown
|
||
|
https://recaptcha.net/recaptcha/
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://crbug.com/378067
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/javascript/applications/community/manifest.js?v=1aq3
|
unknown
|
||
|
http://store.steampowered.8=
|
unknown
|
||
|
https://bugs.chromium.org/p/chromium/issues/entry?template=Safety
|
unknown
|
||
|
https://api.steampowered.cw
|
unknown
|
||
|
https://github.com/micdenny/WpfScreenHelper/
|
unknown
|
||
|
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6
|
unknown
|
||
|
http://service.weibo.com/share/share.php?url=https%3A%2F%2Fwww.wisecleaner.com.cn
|
unknown
|
||
|
https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/
|
unknown
|
||
|
https://www.codeproject.com/Articles/54472/Defining-WPF-Adorners-in-XAML
|
unknown
|
||
|
https://www.wisecleaner.comU
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/shared/css/motiva_sans.css?v=-yZgCk0Nu7kH&l=engl
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/css/skin_1/profilev2.css?v=fe66ET2uI50l&l=englis
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=pbdAKOcDIgbC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/shared/css/buttons.css?v=qhQgyjWi6LgJ&l=english&
|
unknown
|
||
|
http://crbug.com/642141
|
unknown
|
||
|
https://owner-vacat10n.sbs:443/api
|
unknown
|
||
|
https://community.fastly.steamstatic.com/
|
unknown
|
||
|
https://steam.tv/
|
unknown
|
||
|
https://twitter.com/share?original_referer=http://www.wisecleaner.com/&source=tweetbutton&text=A
|
unknown
|
||
|
processhol.sbs
|
|||
|
https://steamcommunity.com/profiles/76561199724331900
|
23.55.153.106
|
||
|
https://community.fastly.steamstatic.com/public/javascript/promo/stickers.js?v=CcLRHsa04otQ&l=en
|
unknown
|
||
|
http://crbug.com/957772
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://www.wisecleaner.com/language.htmlU
|
unknown
|
||
|
https://www.wisecleaner.com/wise-force-deleter.htmlU
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/css/applications/community/main.css?v=TtnlHyaDdydL&a
|
unknown
|
||
|
http://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://steamcommunity.com:443/profiles/76561199724331900
|
unknown
|
||
|
https://processhol.sbs:443/api
|
unknown
|
||
|
http://info.wisecleaner.com/messages/index.php?to=checknews&pid=%dU
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://store.steampowered.com/points/shop/
|
unknown
|
||
|
http://www.wisecleaner.net/wisecleaner_feedback/index.php?to=fetch-unread-message
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s
|
unknown
|
||
|
http://www.wisecleaner.net/wisecleaner_feedback/index.php?to=upload-fileU
|
unknown
|
||
|
http://www.wisecleaner.net/wisecleaner_feedback/index.php?to=my-feedbackU
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/javascript/modalv2.js?v=zBXEuexVQ0FZ&l=english&a
|
unknown
|
||
|
https://sketchfab.com
|
unknown
|
||
|
http://www.wisecleaner.com/software_update/getinfo.php?p_id=7
|
unknown
|
||
|
https://lv.queniujq.cn
|
unknown
|
||
|
http://crbug.com/819404
|
unknown
|
||
|
http://www.wisecleaner.com
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199724331900/inventory/
|
unknown
|
||
|
https://www.youtube.com/
|
unknown
|
||
|
https://pub-7a0525921ff54f1193db83d7303c6ee8.r2.dev/poltos.zip
|
172.66.0.235
|
||
|
http://sslcom.repository.certum.pl/ctnca.cer0:
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/css/skin_1/modalContent.css?v=WXAusLHclDIt&l=eng
|
unknown
|
||
|
https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C820d04e8bfee2ac
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/javascript/global.js?v=jWc2JLWHx5Kn&l=english&am
|
unknown
|
||
|
https://www.google.com/recaptcha/
|
unknown
|
||
|
https://checkout.steampowered.com/
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/shared/javascript/share
|
unknown
|
||
|
http://sslcom.ocsp-certum.com08
|
unknown
|
||
|
http://store.steampowered.com/account/cooki
|
unknown
|
||
|
https://www.wisecleaner.com/help.htmlS
|
unknown
|
||
|
https://github.com/novotnyllc/bc-csharp
|
unknown
|
||
|
https://marshal-zhukov.com/api&;
|
unknown
|
||
|
https://store.steampowered.com/;
|
unknown
|
||
|
https://store.steampowered.com/about/
|
unknown
|
||
|
https://steamcommunity.com/my/wishlist/
|
unknown
|
||
|
https://p3ar11fter.sbs:443/api-
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/shared/css/shared_responsive.css?v=JL1e4uQSrVGe&
|
unknown
|
||
|
https://community.fastly.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=tv~
|
unknown
|
||
|
https://community.fastly.steamstatic.com/publich
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://help.steampowered.com/en/
|
unknown
|
||
|
https://steamcommunity.com/market/
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
w0rdergen1.cyou
|
unknown
|
|
|
|
pub-7a0525921ff54f1193db83d7303c6ee8.r2.dev
|
172.66.0.235
|
||
|
steamcommunity.com
|
23.55.153.106
|
||
|
marshal-zhukov.com
|
172.67.160.80
|
||
|
librari-night.sbs
|
unknown
|
||
|
owner-vacat10n.sbs
|
unknown
|
||
|
p10tgrace.sbs
|
unknown
|
||
|
befall-sm0ker.sbs
|
unknown
|
||
|
3xp3cts1aim.sbs
|
unknown
|
||
|
p3ar11fter.sbs
|
unknown
|
||
|
peepburry828.sbs
|
unknown
|
||
|
processhol.sbs
|
unknown
|
There are 2 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.160.80
|
marshal-zhukov.com
|
United States
|
||
|
23.55.153.106
|
steamcommunity.com
|
United States
|
||
|
172.66.0.235
|
pub-7a0525921ff54f1193db83d7303c6ee8.r2.dev
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2310000
|
direct allocation
|
page execute and read and write
|
|
|
|
707000
|
unkown
|
page write copy
|
||
|
1E72C378000
|
trusted library allocation
|
page read and write
|
||
|
1E72C8C1000
|
trusted library allocation
|
page read and write
|
||
|
1E72D087000
|
trusted library allocation
|
page read and write
|
||
|
1E72DB38000
|
trusted library allocation
|
page read and write
|
||
|
1E72DC12000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD81000
|
trusted library allocation
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
1E72C399000
|
trusted library allocation
|
page read and write
|
||
|
1E72B800000
|
heap
|
page read and write
|
||
|
1E72C1EC000
|
trusted library allocation
|
page read and write
|
||
|
75D000
|
unkown
|
page readonly
|
||
|
7FF848D40000
|
trusted library allocation
|
page read and write
|
||
|
1E72C2CD000
|
trusted library allocation
|
page read and write
|
||
|
23AE000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
9E9000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
1E72C59E000
|
trusted library allocation
|
page read and write
|
||
|
1E72D678000
|
trusted library allocation
|
page read and write
|
||
|
1E72CFC9000
|
trusted library allocation
|
page read and write
|
||
|
1E72D1FD000
|
trusted library allocation
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
27EC000
|
direct allocation
|
page read and write
|
||
|
1E729A70000
|
trusted library allocation
|
page read and write
|
||
|
A42000
|
heap
|
page read and write
|
||
|
1E72D703000
|
trusted library allocation
|
page read and write
|
||
|
1E72C002000
|
trusted library allocation
|
page read and write
|
||
|
1E72CECE000
|
trusted library allocation
|
page read and write
|
||
|
1E72D7E2000
|
trusted library allocation
|
page read and write
|
||
|
1E72D424000
|
trusted library allocation
|
page read and write
|
||
|
1E72CB6B000
|
trusted library allocation
|
page read and write
|
||
|
31CF000
|
trusted library allocation
|
page read and write
|
||
|
1E72C084000
|
trusted library allocation
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
1E72D50F000
|
trusted library allocation
|
page read and write
|
||
|
2908000
|
heap
|
page read and write
|
||
|
3310000
|
remote allocation
|
page read and write
|
||
|
A35000
|
heap
|
page read and write
|
||
|
1E72C861000
|
trusted library allocation
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
1E72C0A4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E72C9DD000
|
trusted library allocation
|
page read and write
|
||
|
1E72C4DD000
|
trusted library allocation
|
page read and write
|
||
|
172BF4E000
|
stack
|
page read and write
|
||
|
1E72D969000
|
trusted library allocation
|
page read and write
|
||
|
1E72D879000
|
trusted library allocation
|
page read and write
|
||
|
1E72C257000
|
trusted library allocation
|
page read and write
|
||
|
1E72D5F7000
|
trusted library allocation
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
1E72C1B8000
|
trusted library allocation
|
page read and write
|
||
|
1E72B874000
|
heap
|
page read and write
|
||
|
1E72C633000
|
trusted library allocation
|
page read and write
|
||
|
1E72DAF8000
|
trusted library allocation
|
page read and write
|
||
|
32FD000
|
stack
|
page read and write
|
||
|
1E72C81E000
|
trusted library allocation
|
page read and write
|
||
|
1E72C20C000
|
trusted library allocation
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
1E72C79A000
|
trusted library allocation
|
page read and write
|
||
|
1E72BEF2000
|
trusted library allocation
|
page read and write
|
||
|
1E72C7DB000
|
trusted library allocation
|
page read and write
|
||
|
1E72CBF0000
|
trusted library allocation
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
1E72CD5F000
|
trusted library allocation
|
page read and write
|
||
|
1E72C3DA000
|
trusted library allocation
|
page read and write
|
||
|
1E72CAD4000
|
trusted library allocation
|
page read and write
|
||
|
1E72C259000
|
trusted library allocation
|
page read and write
|
||
|
1E72C852000
|
trusted library allocation
|
page read and write
|
||
|
1E72C4BA000
|
trusted library allocation
|
page read and write
|
||
|
172B07D000
|
stack
|
page read and write
|
||
|
1E72D2E6000
|
trusted library allocation
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
6D0000
|
unkown
|
page read and write
|
||
|
6C5000
|
unkown
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
1E72D0F6000
|
trusted library allocation
|
page read and write
|
||
|
1E72CA74000
|
trusted library allocation
|
page read and write
|
||
|
1E73BB50000
|
trusted library allocation
|
page read and write
|
||
|
1E72D834000
|
trusted library allocation
|
page read and write
|
||
|
70F000
|
unkown
|
page readonly
|
||
|
34E3000
|
trusted library allocation
|
page read and write
|
||
|
1E72CCD3000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD00000
|
trusted library allocation
|
page read and write
|
||
|
1E72B290000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD1E000
|
trusted library allocation
|
page read and write
|
||
|
1E73BC97000
|
trusted library allocation
|
page read and write
|
||
|
27AB000
|
direct allocation
|
page read and write
|
||
|
1E72CBB2000
|
trusted library allocation
|
page read and write
|
||
|
172ACFE000
|
stack
|
page read and write
|
||
|
1E72C57B000
|
trusted library allocation
|
page read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
172B4FB000
|
stack
|
page read and write
|
||
|
1E72DA10000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E72BDF1000
|
trusted library allocation
|
page read and write
|
||
|
360E000
|
stack
|
page read and write
|
||
|
2C91000
|
unclassified section
|
page execute read
|
||
|
1E72CBF2000
|
trusted library allocation
|
page read and write
|
||
|
1E73B9A1000
|
trusted library allocation
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
1E72C318000
|
trusted library allocation
|
page read and write
|
||
|
1E72C158000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
750000
|
unkown
|
page readonly
|
||
|
B50000
|
heap
|
page read and write
|
||
|
1E72C1AC000
|
trusted library allocation
|
page read and write
|
||
|
1E72DB18000
|
trusted library allocation
|
page read and write
|
||
|
1E72DA1A000
|
trusted library allocation
|
page read and write
|
||
|
1E72C156000
|
trusted library allocation
|
page read and write
|
||
|
1E72D635000
|
trusted library allocation
|
page read and write
|
||
|
1E72CC78000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
A07000
|
heap
|
page read and write
|
||
|
1E72CD95000
|
trusted library allocation
|
page read and write
|
||
|
A65000
|
heap
|
page read and write
|
||
|
1E72CC8C000
|
trusted library allocation
|
page read and write
|
||
|
1E72B990000
|
heap
|
page execute and read and write
|
||
|
A1A000
|
heap
|
page read and write
|
||
|
335D000
|
stack
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
1E72CB1B000
|
trusted library allocation
|
page read and write
|
||
|
2808000
|
direct allocation
|
page read and write
|
||
|
1E72C61F000
|
trusted library allocation
|
page read and write
|
||
|
172ADFD000
|
stack
|
page read and write
|
||
|
31E6000
|
trusted library allocation
|
page read and write
|
||
|
1E72CEED000
|
trusted library allocation
|
page read and write
|
||
|
1E72B8E2000
|
heap
|
page read and write
|
||
|
1E72C55E000
|
trusted library allocation
|
page read and write
|
||
|
1E72B8DF000
|
heap
|
page read and write
|
||
|
1E72C572000
|
trusted library allocation
|
page read and write
|
||
|
1E72C236000
|
trusted library allocation
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
1E72B827000
|
heap
|
page read and write
|
||
|
1E72D552000
|
trusted library allocation
|
page read and write
|
||
|
1E72CCDE000
|
trusted library allocation
|
page read and write
|
||
|
172B47B000
|
stack
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
1E72C51B000
|
trusted library allocation
|
page read and write
|
||
|
1E72C490000
|
trusted library allocation
|
page read and write
|
||
|
1E72D68E000
|
trusted library allocation
|
page read and write
|
||
|
1E72C4D0000
|
trusted library allocation
|
page read and write
|
||
|
1E72DB7A000
|
trusted library allocation
|
page read and write
|
||
|
1E72C196000
|
trusted library allocation
|
page read and write
|
||
|
1E729AE5000
|
heap
|
page read and write
|
||
|
1E72CB55000
|
trusted library allocation
|
page read and write
|
||
|
1E72CFA9000
|
trusted library allocation
|
page read and write
|
||
|
1E72CC49000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
1E72D071000
|
trusted library allocation
|
page read and write
|
||
|
1E72B8E7000
|
heap
|
page read and write
|
||
|
1E743AE3000
|
heap
|
page read and write
|
||
|
1E72C359000
|
trusted library allocation
|
page read and write
|
||
|
1E72CCFE000
|
trusted library allocation
|
page read and write
|
||
|
1E72D53C000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
1E72B8E4000
|
heap
|
page read and write
|
||
|
1E72C0AE000
|
trusted library allocation
|
page read and write
|
||
|
1E72D767000
|
trusted library allocation
|
page read and write
|
||
|
1E72CF48000
|
trusted library allocation
|
page read and write
|
||
|
1E72C35B000
|
trusted library allocation
|
page read and write
|
||
|
1E72C511000
|
trusted library allocation
|
page read and write
|
||
|
1E72C894000
|
trusted library allocation
|
page read and write
|
||
|
1E72C81C000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
1E72CF67000
|
trusted library allocation
|
page read and write
|
||
|
1E72C24C000
|
trusted library allocation
|
page read and write
|
||
|
1E72C26D000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
1E72D55B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
1E73BA0E000
|
trusted library allocation
|
page read and write
|
||
|
1E72CB07000
|
trusted library allocation
|
page read and write
|
||
|
1E72D3AB000
|
trusted library allocation
|
page read and write
|
||
|
1E72C14B000
|
trusted library allocation
|
page read and write
|
||
|
1E72C2B7000
|
trusted library allocation
|
page read and write
|
||
|
1E72C612000
|
trusted library allocation
|
page read and write
|
||
|
1E72BEA1000
|
trusted library allocation
|
page read and write
|
||
|
1E72986E000
|
heap
|
page read and write
|
||
|
1E729882000
|
heap
|
page read and write
|
||
|
1E72D5A0000
|
trusted library allocation
|
page read and write
|
||
|
1E72B872000
|
heap
|
page read and write
|
||
|
1E72CFAB000
|
trusted library allocation
|
page read and write
|
||
|
1E72D99C000
|
trusted library allocation
|
page read and write
|
||
|
1E729A30000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1E72D14B000
|
trusted library allocation
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
1E72CED7000
|
trusted library allocation
|
page read and write
|
||
|
1E72D1BA000
|
trusted library allocation
|
page read and write
|
||
|
A13000
|
heap
|
page read and write
|
||
|
1E72D572000
|
trusted library allocation
|
page read and write
|
||
|
1E72C00B000
|
trusted library allocation
|
page read and write
|
||
|
1E72BFCA000
|
trusted library allocation
|
page read and write
|
||
|
1E72C47A000
|
trusted library allocation
|
page read and write
|
||
|
1E72C880000
|
trusted library allocation
|
page read and write
|
||
|
1E72DA30000
|
trusted library allocation
|
page read and write
|
||
|
1E72C5F3000
|
trusted library allocation
|
page read and write
|
||
|
1E72CA3A000
|
trusted library allocation
|
page read and write
|
||
|
2801000
|
direct allocation
|
page read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
1E72D717000
|
trusted library allocation
|
page read and write
|
||
|
1E72C5DD000
|
trusted library allocation
|
page read and write
|
||
|
1E72D79D000
|
trusted library allocation
|
page read and write
|
||
|
A83000
|
heap
|
page read and write
|
||
|
1E72D7B1000
|
trusted library allocation
|
page read and write
|
||
|
370F000
|
stack
|
page read and write
|
||
|
1E72CD9E000
|
trusted library allocation
|
page read and write
|
||
|
1E72C117000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
remote allocation
|
page read and write
|
||
|
1E7298AF000
|
heap
|
page read and write
|
||
|
1E72C77F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
A63000
|
heap
|
page read and write
|
||
|
1E72CFDF000
|
trusted library allocation
|
page read and write
|
||
|
1E72B8AB000
|
heap
|
page read and write
|
||
|
1E72D9BA000
|
trusted library allocation
|
page read and write
|
||
|
172AF7E000
|
stack
|
page read and write
|
||
|
1E72C115000
|
trusted library allocation
|
page read and write
|
||
|
27E4000
|
direct allocation
|
page read and write
|
||
|
1E72C7DD000
|
trusted library allocation
|
page read and write
|
||
|
1E729AE0000
|
heap
|
page read and write
|
||
|
1E743B35000
|
heap
|
page read and write
|
||
|
A57000
|
heap
|
page read and write
|
||
|
A7F000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page execute read
|
||
|
1E72D00A000
|
trusted library allocation
|
page read and write
|
||
|
1E72D6BA000
|
trusted library allocation
|
page read and write
|
||
|
1E72D0B5000
|
trusted library allocation
|
page read and write
|
||
|
1E72B2C0000
|
trusted library allocation
|
page read and write
|
||
|
1E72D137000
|
trusted library allocation
|
page read and write
|
||
|
1E72CC33000
|
trusted library allocation
|
page read and write
|
||
|
2CDC000
|
unclassified section
|
page read and write
|
||
|
1E72C41A000
|
trusted library allocation
|
page read and write
|
||
|
1E72CC35000
|
trusted library allocation
|
page read and write
|
||
|
1E72C16C000
|
trusted library allocation
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
1E72C217000
|
trusted library allocation
|
page read and write
|
||
|
1E72C06E000
|
trusted library allocation
|
page read and write
|
||
|
172C08F000
|
stack
|
page read and write
|
||
|
1E72C279000
|
trusted library allocation
|
page read and write
|
||
|
2C3B000
|
stack
|
page read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
1E72DBC1000
|
trusted library allocation
|
page read and write
|
||
|
70C000
|
unkown
|
page read and write
|
||
|
9FB000
|
heap
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
1E72C219000
|
trusted library allocation
|
page read and write
|
||
|
1E72C99A000
|
trusted library allocation
|
page read and write
|
||
|
1E729760000
|
heap
|
page read and write
|
||
|
1E72C9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
172C00F000
|
stack
|
page read and write
|
||
|
1E72D59E000
|
trusted library allocation
|
page read and write
|
||
|
34F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E16000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E72D25F000
|
trusted library allocation
|
page read and write
|
||
|
1E72D6BC000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
1E72C5DF000
|
trusted library allocation
|
page read and write
|
||
|
1E72C51E000
|
trusted library allocation
|
page read and write
|
||
|
1E72D3F0000
|
trusted library allocation
|
page read and write
|
||
|
1E72C0B0000
|
trusted library allocation
|
page read and write
|
||
|
1E72CF7D000
|
trusted library allocation
|
page read and write
|
||
|
1E72D2E4000
|
trusted library allocation
|
page read and write
|
||
|
172AC75000
|
stack
|
page read and write
|
||
|
1E72D9FC000
|
trusted library allocation
|
page read and write
|
||
|
1E72CB9E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EEA000
|
trusted library allocation
|
page read and write
|
||
|
A42000
|
heap
|
page read and write
|
||
|
1E72C7BA000
|
trusted library allocation
|
page read and write
|
||
|
1E72D5E1000
|
trusted library allocation
|
page read and write
|
||
|
1E72C1B5000
|
trusted library allocation
|
page read and write
|
||
|
1E72C781000
|
trusted library allocation
|
page read and write
|
||
|
1E72D455000
|
trusted library allocation
|
page read and write
|
||
|
1E72D53E000
|
trusted library allocation
|
page read and write
|
||
|
1E72D48A000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
1E72DC26000
|
trusted library allocation
|
page read and write
|
||
|
1E72C45A000
|
trusted library allocation
|
page read and write
|
||
|
1E72DA1C000
|
trusted library allocation
|
page read and write
|
||
|
1E72D232000
|
trusted library allocation
|
page read and write
|
||
|
1E72D01E000
|
trusted library allocation
|
page read and write
|
||
|
27CF000
|
direct allocation
|
page read and write
|
||
|
1E72D129000
|
trusted library allocation
|
page read and write
|
||
|
1E729A97000
|
heap
|
page execute and read and write
|
||
|
A83000
|
heap
|
page read and write
|
||
|
1E72D450000
|
trusted library allocation
|
page read and write
|
||
|
1E72C3CF000
|
trusted library allocation
|
page read and write
|
||
|
1E72C3F9000
|
trusted library allocation
|
page read and write
|
||
|
1E743B3D000
|
heap
|
page read and write
|
||
|
A4D000
|
heap
|
page read and write
|
||
|
1E72DC10000
|
trusted library allocation
|
page read and write
|
||
|
1E72B8B7000
|
heap
|
page read and write
|
||
|
1E72D99A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E729A40000
|
trusted library allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
1E72C04D000
|
trusted library allocation
|
page read and write
|
||
|
1E72D832000
|
trusted library allocation
|
page read and write
|
||
|
1E72D177000
|
trusted library allocation
|
page read and write
|
||
|
1E72C8D7000
|
trusted library allocation
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
25CF000
|
stack
|
page read and write
|
||
|
1E72D0E9000
|
trusted library allocation
|
page read and write
|
||
|
1E72C02D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E72C22D000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD53000
|
trusted library allocation
|
page read and write
|
||
|
1E72D9FA000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
27A4000
|
direct allocation
|
page read and write
|
||
|
27C0000
|
direct allocation
|
page read and write
|
||
|
6C3000
|
unkown
|
page read and write
|
||
|
1E72C905000
|
trusted library allocation
|
page read and write
|
||
|
1E72D10A000
|
trusted library allocation
|
page read and write
|
||
|
376E000
|
stack
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
1E7297E0000
|
heap
|
page read and write
|
||
|
1E72C04F000
|
trusted library allocation
|
page read and write
|
||
|
1E72D02C000
|
trusted library allocation
|
page read and write
|
||
|
172B0FE000
|
stack
|
page read and write
|
||
|
1E72CA26000
|
trusted library allocation
|
page read and write
|
||
|
2901000
|
heap
|
page read and write
|
||
|
1E72D3EE000
|
trusted library allocation
|
page read and write
|
||
|
1E72D751000
|
trusted library allocation
|
page read and write
|
||
|
413000
|
unkown
|
page execute read
|
||
|
1E72C7B1000
|
trusted library allocation
|
page read and write
|
||
|
1E72D326000
|
trusted library allocation
|
page read and write
|
||
|
1E72C875000
|
trusted library allocation
|
page read and write
|
||
|
1E72CA8A000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD34000
|
trusted library allocation
|
page read and write
|
||
|
1E7297C0000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
1E72DAB6000
|
trusted library allocation
|
page read and write
|
||
|
1E72CA76000
|
trusted library allocation
|
page read and write
|
||
|
1E72D1D1000
|
trusted library allocation
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
1E72C2AE000
|
trusted library allocation
|
page read and write
|
||
|
1E7297E8000
|
heap
|
page read and write
|
||
|
1E72D4B9000
|
trusted library allocation
|
page read and write
|
||
|
1E72C338000
|
trusted library allocation
|
page read and write
|
||
|
1E72DBBF000
|
trusted library allocation
|
page read and write
|
||
|
1E72D464000
|
trusted library allocation
|
page read and write
|
||
|
1E72C99C000
|
trusted library allocation
|
page read and write
|
||
|
1E72C551000
|
trusted library allocation
|
page read and write
|
||
|
172A9DF000
|
stack
|
page read and write
|
||
|
1E72BE7A000
|
trusted library allocation
|
page read and write
|
||
|
9E4000
|
heap
|
page read and write
|
||
|
1E72D5B4000
|
trusted library allocation
|
page read and write
|
||
|
1E72D369000
|
trusted library allocation
|
page read and write
|
||
|
1E72C198000
|
trusted library allocation
|
page read and write
|
||
|
1E72BEF4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
1E72C4FB000
|
trusted library allocation
|
page read and write
|
||
|
9BA000
|
heap
|
page read and write
|
||
|
172BFCD000
|
stack
|
page read and write
|
||
|
A8F000
|
heap
|
page read and write
|
||
|
1E729A90000
|
heap
|
page execute and read and write
|
||
|
1E729AA0000
|
trusted library allocation
|
page read and write
|
||
|
1E72BFAC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
1E72D328000
|
trusted library allocation
|
page read and write
|
||
|
2370000
|
trusted library allocation
|
page read and write
|
||
|
27DD000
|
direct allocation
|
page read and write
|
||
|
1E72D4B7000
|
trusted library allocation
|
page read and write
|
||
|
A7D000
|
heap
|
page read and write
|
||
|
1E72D8E5000
|
trusted library allocation
|
page read and write
|
||
|
1E72D955000
|
trusted library allocation
|
page read and write
|
||
|
7FF84908C000
|
trusted library allocation
|
page read and write
|
||
|
1E72D476000
|
trusted library allocation
|
page read and write
|
||
|
1E72BDE4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
1E7298B6000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
6D5000
|
unkown
|
page read and write
|
||
|
1E72CF9F000
|
trusted library allocation
|
page read and write
|
||
|
1E72C3AF000
|
trusted library allocation
|
page read and write
|
||
|
1E72D0F4000
|
trusted library allocation
|
page read and write
|
||
|
1E72C7FA000
|
trusted library allocation
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
1E72D37F000
|
trusted library allocation
|
page read and write
|
||
|
1E72C903000
|
trusted library allocation
|
page read and write
|
||
|
1E72C02F000
|
trusted library allocation
|
page read and write
|
||
|
1E7297F2000
|
heap
|
page read and write
|
||
|
172BECE000
|
stack
|
page read and write
|
||
|
1E72C9F3000
|
trusted library allocation
|
page read and write
|
||
|
1E72BDFD000
|
trusted library allocation
|
page read and write
|
||
|
1E72C1D8000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD3F000
|
trusted library allocation
|
page read and write
|
||
|
1E72CCBF000
|
trusted library allocation
|
page read and write
|
||
|
1E72D6AD000
|
trusted library allocation
|
page read and write
|
||
|
1E72D2A3000
|
trusted library allocation
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
1E72C0CE000
|
trusted library allocation
|
page read and write
|
||
|
2CD7000
|
unclassified section
|
page write copy
|
||
|
1E72D7F9000
|
trusted library allocation
|
page read and write
|
||
|
1E72CF8B000
|
trusted library allocation
|
page read and write
|
||
|
1E72C9B0000
|
trusted library allocation
|
page read and write
|
||
|
A59000
|
heap
|
page read and write
|
||
|
1E72C3B9000
|
trusted library allocation
|
page read and write
|
||
|
1E72C79C000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
A91000
|
heap
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
||
|
1E72BFEC000
|
trusted library allocation
|
page read and write
|
||
|
9ED000
|
heap
|
page read and write
|
||
|
1E72CAC0000
|
trusted library allocation
|
page read and write
|
||
|
1E72C36F000
|
trusted library allocation
|
page read and write
|
||
|
1E72C71D000
|
trusted library allocation
|
page read and write
|
||
|
6CA000
|
unkown
|
page read and write
|
||
|
1E72C34E000
|
trusted library allocation
|
page read and write
|
||
|
1E72C1D6000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF848D4B000
|
trusted library allocation
|
page read and write
|
||
|
1E72CC75000
|
trusted library allocation
|
page read and write
|
||
|
1E72CABE000
|
trusted library allocation
|
page read and write
|
||
|
1E72CB57000
|
trusted library allocation
|
page read and write
|
||
|
1E72CDA0000
|
trusted library allocation
|
page read and write
|
||
|
2911000
|
heap
|
page read and write
|
||
|
1E72C090000
|
trusted library allocation
|
page read and write
|
||
|
1E72C29A000
|
trusted library allocation
|
page read and write
|
||
|
A1F000
|
heap
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
1E72D6D0000
|
trusted library allocation
|
page read and write
|
||
|
1E72D1FF000
|
trusted library allocation
|
page read and write
|
||
|
27B2000
|
direct allocation
|
page read and write
|
||
|
1E72C063000
|
trusted library allocation
|
page read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
1E72DACC000
|
trusted library allocation
|
page read and write
|
||
|
2E5D000
|
stack
|
page read and write
|
||
|
1E72D40E000
|
trusted library allocation
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
A81000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
9F1000
|
heap
|
page read and write
|
||
|
1E72D0B3000
|
trusted library allocation
|
page read and write
|
||
|
6C3000
|
unkown
|
page write copy
|
||
|
7DF407110000
|
trusted library allocation
|
page execute and read and write
|
||
|
27FA000
|
direct allocation
|
page read and write
|
||
|
1E72D591000
|
trusted library allocation
|
page read and write
|
||
|
1E729A35000
|
heap
|
page read and write
|
||
|
1E72D9F1000
|
trusted library allocation
|
page read and write
|
||
|
2CE8000
|
unclassified section
|
page readonly
|
||
|
172AE7E000
|
stack
|
page read and write
|
||
|
1E72D946000
|
trusted library allocation
|
page read and write
|
||
|
1E72DB2C000
|
trusted library allocation
|
page read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
1E72C40F000
|
trusted library allocation
|
page read and write
|
||
|
1E72D410000
|
trusted library allocation
|
page read and write
|
||
|
27D6000
|
direct allocation
|
page read and write
|
||
|
1E72C277000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D32000
|
trusted library allocation
|
page read and write
|
||
|
1E72D113000
|
trusted library allocation
|
page read and write
|
||
|
1E72C0E4000
|
trusted library allocation
|
page read and write
|
||
|
1E72D5D4000
|
trusted library allocation
|
page read and write
|
||
|
1E72C1F6000
|
trusted library allocation
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
A6A000
|
heap
|
page read and write
|
||
|
1E72D5E3000
|
trusted library allocation
|
page read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
1E72B9A1000
|
trusted library allocation
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
34AE000
|
stack
|
page read and write
|
||
|
1E72CD7F000
|
trusted library allocation
|
page read and write
|
||
|
1E72DB4C000
|
trusted library allocation
|
page read and write
|
||
|
1E72C18B000
|
trusted library allocation
|
page read and write
|
||
|
1E72DAF6000
|
trusted library allocation
|
page read and write
|
||
|
1E72B829000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
1E72B888000
|
heap
|
page read and write
|
||
|
1E72D33C000
|
trusted library allocation
|
page read and write
|
||
|
1E72C4F1000
|
trusted library allocation
|
page read and write
|
||
|
1E72D02A000
|
trusted library allocation
|
page read and write
|
||
|
1E72C8F7000
|
trusted library allocation
|
page read and write
|
||
|
1E72DAB8000
|
trusted library allocation
|
page read and write
|
||
|
1E72D64B000
|
trusted library allocation
|
page read and write
|
||
|
2901000
|
heap
|
page read and write
|
||
|
1E72D848000
|
trusted library allocation
|
page read and write
|
||
|
1E72DB0C000
|
trusted library allocation
|
page read and write
|
||
|
1E72D9DD000
|
trusted library allocation
|
page read and write
|
||
|
35AE000
|
stack
|
page read and write
|
||
|
1E72C470000
|
trusted library allocation
|
page read and write
|
||
|
1E72D9B0000
|
trusted library allocation
|
page read and write
|
||
|
1E72D213000
|
trusted library allocation
|
page read and write
|
||
|
1E72D87C000
|
trusted library allocation
|
page read and write
|
||
|
1E72CEB7000
|
trusted library allocation
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
1E72D040000
|
trusted library allocation
|
page read and write
|
||
|
2CD4000
|
unclassified section
|
page readonly
|
||
|
1E72D453000
|
trusted library allocation
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
1E72D135000
|
trusted library allocation
|
page read and write
|
||
|
1E72C5FC000
|
trusted library allocation
|
page read and write
|
||
|
1E729750000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
1E72CC26000
|
trusted library allocation
|
page read and write
|
||
|
1E72C2F7000
|
trusted library allocation
|
page read and write
|
||
|
1E72BFAA000
|
trusted library allocation
|
page read and write
|
||
|
1E72CDB4000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
1E72C95A000
|
trusted library allocation
|
page read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
1E72C08E000
|
trusted library allocation
|
page read and write
|
||
|
A4A000
|
heap
|
page read and write
|
||
|
1E72C49B000
|
trusted library allocation
|
page read and write
|
||
|
1E72D275000
|
trusted library allocation
|
page read and write
|
||
|
1E72C707000
|
trusted library allocation
|
page read and write
|
||
|
172B37E000
|
stack
|
page read and write
|
||
|
1E729A80000
|
heap
|
page readonly
|
||
|
1E72C1CC000
|
trusted library allocation
|
page read and write
|
||
|
1E72C9DF000
|
trusted library allocation
|
page read and write
|
||
|
1E72D18F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE1000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
707000
|
unkown
|
page read and write
|
||
|
1E72C070000
|
trusted library allocation
|
page read and write
|
||
|
1E72C41C000
|
trusted library allocation
|
page read and write
|
||
|
172AEFB000
|
stack
|
page read and write
|
||
|
1E72D904000
|
trusted library allocation
|
page read and write
|
||
|
1E743B48000
|
heap
|
page read and write
|
||
|
1E72C61D000
|
trusted library allocation
|
page read and write
|
||
|
1E72C53B000
|
trusted library allocation
|
page read and write
|
||
|
1E72D4F9000
|
trusted library allocation
|
page read and write
|
||
|
1E72C135000
|
trusted library allocation
|
page read and write
|
||
|
27B9000
|
direct allocation
|
page read and write
|
||
|
1E72C430000
|
trusted library allocation
|
page read and write
|
||
|
A1A000
|
heap
|
page read and write
|
||
|
1E72C832000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
A39000
|
heap
|
page read and write
|
||
|
1E72C810000
|
trusted library allocation
|
page read and write
|
||
|
A7F000
|
heap
|
page read and write
|
||
|
1E72C85F000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
1E72C0C4000
|
trusted library allocation
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
1E72D753000
|
trusted library allocation
|
page read and write
|
||
|
9E9000
|
heap
|
page read and write
|
||
|
1E72D701000
|
trusted library allocation
|
page read and write
|
||
|
1E72CCDC000
|
trusted library allocation
|
page read and write
|
||
|
1E72B8FB000
|
heap
|
page read and write
|
||
|
1E72B970000
|
heap
|
page execute and read and write
|
||
|
1E72D926000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
1E72C2D8000
|
trusted library allocation
|
page read and write
|
||
|
1E72CF4A000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD61000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD20000
|
trusted library allocation
|
page read and write
|
||
|
1E72CFCB000
|
trusted library allocation
|
page read and write
|
||
|
1E72CCBD000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE6000
|
trusted library allocation
|
page read and write
|
||
|
27F3000
|
direct allocation
|
page read and write
|
||
|
1E72C7D0000
|
trusted library allocation
|
page read and write
|
||
|
1E72DBD5000
|
trusted library allocation
|
page read and write
|
||
|
1E72C12B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1E72CF69000
|
trusted library allocation
|
page read and write
|
||
|
1E72CC69000
|
trusted library allocation
|
page read and write
|
||
|
1E72B6AF000
|
heap
|
page read and write
|
||
|
1E72C297000
|
trusted library allocation
|
page read and write
|
||
|
1E743AA0000
|
heap
|
page read and write
|
||
|
7FF848D33000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E72CC07000
|
trusted library allocation
|
page read and write
|
||
|
1E72D890000
|
trusted library allocation
|
page read and write
|
||
|
A84000
|
heap
|
page read and write
|
||
|
1E72C28D000
|
trusted library allocation
|
page read and write
|
||
|
A81000
|
heap
|
page read and write
|
||
|
1E72CFFE000
|
trusted library allocation
|
page read and write
|
||
|
1E72B7F0000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
1E72C2DA000
|
trusted library allocation
|
page read and write
|
||
|
1E72D3AD000
|
trusted library allocation
|
page read and write
|
||
|
27C8000
|
direct allocation
|
page read and write
|
||
|
1E72BFCC000
|
trusted library allocation
|
page read and write
|
||
|
1E72C96E000
|
trusted library allocation
|
page read and write
|
||
|
A04000
|
heap
|
page read and write
|
||
|
1E729780000
|
heap
|
page read and write
|
||
|
1E7439C0000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1E72C592000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD75000
|
trusted library allocation
|
page read and write
|
||
|
1E72B820000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
1E72C87E000
|
trusted library allocation
|
page read and write
|
||
|
1E72C5D2000
|
trusted library allocation
|
page read and write
|
||
|
1E72DB36000
|
trusted library allocation
|
page read and write
|
||
|
A6A000
|
heap
|
page read and write
|
||
|
1E72C532000
|
trusted library allocation
|
page read and write
|
||
|
1E72CCF2000
|
trusted library allocation
|
page read and write
|
||
|
1E72D404000
|
trusted library allocation
|
page read and write
|
||
|
1E72C43C000
|
trusted library allocation
|
page read and write
|
||
|
9FB000
|
heap
|
page read and write
|
||
|
749000
|
unkown
|
page readonly
|
||
|
3310000
|
remote allocation
|
page read and write
|
||
|
1E72C021000
|
trusted library allocation
|
page read and write
|
||
|
1E72CF5E000
|
trusted library allocation
|
page read and write
|
||
|
A4D000
|
heap
|
page read and write
|
||
|
1E72D8CE000
|
trusted library allocation
|
page read and write
|
||
|
1E72D21C000
|
trusted library allocation
|
page read and write
|
||
|
A07000
|
heap
|
page read and write
|
||
|
1E72C31A000
|
trusted library allocation
|
page read and write
|
||
|
1E72C39B000
|
trusted library allocation
|
page read and write
|
||
|
A26000
|
heap
|
page read and write
|
||
|
1E72D261000
|
trusted library allocation
|
page read and write
|
||
|
1E72C8B4000
|
trusted library allocation
|
page read and write
|
||
|
1E72D4CD000
|
trusted library allocation
|
page read and write
|
||
|
1E7298B1000
|
heap
|
page read and write
|
||
|
1E72D52F000
|
trusted library allocation
|
page read and write
|
||
|
1E72CFE8000
|
trusted library allocation
|
page read and write
|
||
|
1E72C55C000
|
trusted library allocation
|
page read and write
|
||
|
1E73B9B0000
|
trusted library allocation
|
page read and write
|
||
|
1E72DB90000
|
trusted library allocation
|
page read and write
|
||
|
1E72C30E000
|
trusted library allocation
|
page read and write
|
||
|
1E72D008000
|
trusted library allocation
|
page read and write
|
||
|
1E72DC30000
|
trusted library allocation
|
page read and write
|
||
|
1E72C137000
|
trusted library allocation
|
page read and write
|
||
|
1E72D4FB000
|
trusted library allocation
|
page read and write
|
||
|
1E72C175000
|
trusted library allocation
|
page read and write
|
||
|
1E72C32E000
|
trusted library allocation
|
page read and write
|
||
|
1E72CA24000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
1E72C91A000
|
trusted library allocation
|
page read and write
|
||
|
1E72D9DA000
|
trusted library allocation
|
page read and write
|
||
|
1E72C5B2000
|
trusted library allocation
|
page read and write
|
||
|
1E72DB16000
|
trusted library allocation
|
page read and write
|
||
|
1E72D115000
|
trusted library allocation
|
page read and write
|
||
|
1E72CFBF000
|
trusted library allocation
|
page read and write
|
||
|
1E72B816000
|
heap
|
page read and write
|
||
|
A46000
|
heap
|
page read and write
|
||
|
24CF000
|
stack
|
page read and write
|
||
|
172B17E000
|
stack
|
page read and write
|
||
|
1E729862000
|
heap
|
page read and write
|
||
|
1E72C0D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D34000
|
trusted library allocation
|
page read and write
|
||
|
1E72BF08000
|
trusted library allocation
|
page read and write
|
||
|
1E72CF89000
|
trusted library allocation
|
page read and write
|
||
|
1E72D2FA000
|
trusted library allocation
|
page read and write
|
||
|
1E72B350000
|
heap
|
page read and write
|
||
|
1E72D912000
|
trusted library allocation
|
page read and write
|
||
|
1E72C709000
|
trusted library allocation
|
page read and write
|
||
|
172AD7E000
|
stack
|
page read and write
|
||
|
1E72C439000
|
trusted library allocation
|
page read and write
|
||
|
1E72C5BC000
|
trusted library allocation
|
page read and write
|
||
|
1E72C2EE000
|
trusted library allocation
|
page read and write
|
||
|
1E72BFEE000
|
trusted library allocation
|
page read and write
|
||
|
1E72D21E000
|
trusted library allocation
|
page read and write
|
||
|
1E72C3F0000
|
trusted library allocation
|
page read and write
|
||
|
1E72C7F1000
|
trusted library allocation
|
page read and write
|
||
|
1E72D2B7000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
A36000
|
heap
|
page read and write
|
||
|
2B3C000
|
stack
|
page read and write
|
||
|
1E72C59C000
|
trusted library allocation
|
page read and write
|
||
|
1E72D9BC000
|
trusted library allocation
|
page read and write
|
||
|
1E72D2A1000
|
trusted library allocation
|
page read and write
|
||
|
172AFFE000
|
stack
|
page read and write
|
||
|
A14000
|
heap
|
page read and write
|
||
|
1E72BFE0000
|
trusted library allocation
|
page read and write
|
||
|
2AFF000
|
stack
|
page read and write
|
||
|
1E72CD3D000
|
trusted library allocation
|
page read and write
|
||
|
1E72D55D000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
direct allocation
|
page execute and read and write
|
||
|
1E72C958000
|
trusted library allocation
|
page read and write
|
||
|
1E72BA28000
|
trusted library allocation
|
page read and write
|
||
|
1E72C043000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
direct allocation
|
page read and write
|
||
|
1E72C8C3000
|
trusted library allocation
|
page read and write
|
||
|
1E72BFC0000
|
trusted library allocation
|
page read and write
|
||
|
1E72BBC8000
|
trusted library allocation
|
page read and write
|
||
|
1E72D0C9000
|
trusted library allocation
|
page read and write
|
||
|
23C3000
|
heap
|
page read and write
|
||
|
1E72D3C1000
|
trusted library allocation
|
page read and write
|
||
|
1E743B53000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
1E72C00D000
|
trusted library allocation
|
page read and write
|
||
|
1E72D0D3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E72CED9000
|
trusted library allocation
|
page read and write
|
||
|
1E72C4DB000
|
trusted library allocation
|
page read and write
|
||
|
1E72D953000
|
trusted library allocation
|
page read and write
|
||
|
1E72D79B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
1E72C450000
|
trusted library allocation
|
page read and write
|
||
|
1E72D9D0000
|
trusted library allocation
|
page read and write
|
||
|
1E72CB9C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
1E72C38E000
|
trusted library allocation
|
page read and write
|
||
|
1E729885000
|
heap
|
page read and write
|
||
|
386F000
|
stack
|
page read and write
|
||
|
1E72C4B2000
|
trusted library allocation
|
page read and write
|
||
|
1E72D910000
|
trusted library allocation
|
page read and write
|
||
|
26CF000
|
stack
|
page read and write
|
||
|
A23000
|
heap
|
page read and write
|
||
|
1E72CFEA000
|
trusted library allocation
|
page read and write
|
||
|
1E72C45C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F12000
|
trusted library allocation
|
page read and write
|
||
|
1E72CD14000
|
trusted library allocation
|
page read and write
|
||
|
1E72CB05000
|
trusted library allocation
|
page read and write
|
There are 703 hidden memdumps, click here to show them.