Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
IaslcsMo.ps1
|
ASCII text, with very long lines (65265), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\S8RGGAQW7QVSMBVCVHPY4.ps1
|
HTML document, ASCII text, with very long lines (8771), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\wpkoqtsrt
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\yhg
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\UPEC\QtCore4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\UPEC\QtGui4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\UPEC\QtNetwork4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\UPEC\QtXml4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\Updater.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\d3dcompiler_47.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\ffmpeg.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\NAudio.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\QtCore4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\QtGui4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\QtNetwork4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\QtXml4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\RcClientBase.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\Resource.ct
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\Set-up.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\UpdateClient.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\UpdateCommon.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\851378ef
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8a6ce17d
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3abcocvk.peh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a4t4grtu.yw2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eov2mbnc.rqw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g2ekcfd5.k0k.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_i1elbk32.fty.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tltwzlfm.vxx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\P257X2FN4PMK28TO9VDX.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\UPEC\StarBurn.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\UPEC\isjii
|
Atari 68xxx CPX file (version 4d53)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\UPEC\looelll
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\UPEC\msvcp100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\UPEC\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\NAudio.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\Updater.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\devtools_resources.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ActiveXInstallService.adml
|
XML 1.0 document, ASCII text, with very long lines (403), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\AddRemovePrograms.adml
|
XML 1.0 document, ASCII text, with very long lines (496), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\AppCompat.adml
|
XML 1.0 document, ASCII text, with very long lines (565), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\AppXRuntime.adml
|
XML 1.0 document, ASCII text, with very long lines (394), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\AppxPackageManager.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\AttachmentManager.adml
|
XML 1.0 document, ASCII text, with very long lines (564), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\AuditSettings.adml
|
XML 1.0 document, ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\AutoPlay.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Biometrics.adml
|
XML 1.0 document, ASCII text, with very long lines (381), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Bits.adml
|
XML 1.0 document, ASCII text, with very long lines (534), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\CEIPEnable.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\COM.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\CipherSuiteOrder.adml
|
XML 1.0 document, ASCII text, with very long lines (1488), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Conf.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ControlPanel.adml
|
XML 1.0 document, ASCII text, with very long lines (545), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ControlPanelDisplay.adml
|
XML 1.0 document, ASCII text, with very long lines (334), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Cpls.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\CredSsp.adml
|
XML 1.0 document, ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\CredUI.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\CredentialProviders.adml
|
XML 1.0 document, ASCII text, with very long lines (479), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\CtrlAltDel.adml
|
XML 1.0 document, ASCII text, with very long lines (353), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DCOM.adml
|
XML 1.0 document, ASCII text, with very long lines (507), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DFS.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DWM.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Desktop.adml
|
XML 1.0 document, ASCII text, with very long lines (543), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DeviceCompat.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DeviceInstallation.adml
|
XML 1.0 document, ASCII text, with very long lines (671), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DeviceSetup.adml
|
XML 1.0 document, ASCII text, with very long lines (308), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DigitalLocker.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DiskDiagnostic.adml
|
XML 1.0 document, ASCII text, with very long lines (349), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DiskNVCache.adml
|
XML 1.0 document, ASCII text, with very long lines (552), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DiskQuota.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (382), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DistributedLinkTracking.adml
|
XML 1.0 document, ASCII text, with very long lines (575), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\DnsClient.adml
|
XML 1.0 document, ASCII text, with very long lines (896), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\EAIME.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\EarlyLaunchAM.adml
|
ASCII text, with very long lines (335), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\EdgeUI.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\EncryptFilesonMove.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ErrorReporting.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (790), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\EventForwarding.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\EventLog.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\EventViewer.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Explorer.adml
|
XML 1.0 document, ASCII text, with very long lines (311), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ExternalBoot.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\FileHistory.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\FileRecovery.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\FileRevocation.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (591), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\FileServerVSSProvider.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\FileSys.adml
|
XML 1.0 document, ASCII text, with very long lines (466), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\FolderRedirection.adml
|
XML 1.0 document, ASCII text, with very long lines (565), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\FramePanes.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\GameExplorer.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Globalization.adml
|
XML 1.0 document, ASCII text, with very long lines (486), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\GroupPolicy-Server.adml
|
XML 1.0 document, ASCII text, with very long lines (301), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\GroupPolicy.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (772), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\GroupPolicyPreferences.adml
|
XML 1.0 document, ASCII text, with very long lines (500), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Help.adml
|
XML 1.0 document, ASCII text, with very long lines (399), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\HelpAndSupport.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ICM.adml
|
XML 1.0 document, ASCII text, with very long lines (543), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\IIS.adml
|
XML 1.0 document, ASCII text, with very long lines (743), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\InetRes.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (592), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\InkWatson.adml
|
XML 1.0 document, ASCII text, with very long lines (309), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\KDC.adml
|
XML 1.0 document, ASCII text, with very long lines (554), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Kerberos.adml
|
XML 1.0 document, ASCII text, with very long lines (840), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\LanmanServer.adml
|
XML 1.0 document, ASCII text, with very long lines (552), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\LeakDiagnostic.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\LinkLayerTopologyDiscovery.adml
|
XML 1.0 document, ASCII text, with very long lines (460), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\LocationProviderAdm.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Logon.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (587), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\MMC.adml
|
XML 1.0 document, ASCII text, with very long lines (374), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\MMCSnapIns2.adml
|
XML 1.0 document, ASCII text, with very long lines (332), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\MMCSnapins.adml
|
XML 1.0 document, ASCII text, with very long lines (333), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\MSDT.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\MSI.adml
|
XML 1.0 document, ASCII text, with very long lines (499), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\MediaCenter.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\MobilePCMobilityCenter.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\MobilePCPresentationSettings.adml
|
XML 1.0 document, ASCII text, with very long lines (366), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Msi-FileRecovery.adml
|
XML 1.0 document, ASCII text, with very long lines (333), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\NAPXPQec.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\NCSI.adml
|
XML 1.0 document, ASCII text, with very long lines (417), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Netlogon.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (1008), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\NetworkConnections.adml
|
XML 1.0 document, ASCII text, with very long lines (1486), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\NetworkIsolation.adml
|
exported SGML document, ASCII text, with very long lines (461), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\NetworkProjection.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\OfflineFiles.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (634), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\P2P-pnrp.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (447), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ParentalControls.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\PeerToPeerCaching.adml
|
XML 1.0 document, ASCII text, with very long lines (754), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\PenTraining.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\PerformanceDiagnostics.adml
|
XML 1.0 document, ASCII text, with very long lines (577), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\PerformancePerftrack.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Power.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (389), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\PowerShellExecutionPolicy.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\PreviousVersions.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Printing.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (568), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Printing2.adml
|
XML 1.0 document, ASCII text, with very long lines (640), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Programs.adml
|
XML 1.0 document, ASCII text, with very long lines (424), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\PswdSync.adml
|
XML 1.0 document, ASCII text, with very long lines (366), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\QOS.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\RPC.adml
|
XML 1.0 document, ASCII text, with very long lines (491), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\RacWmiProv.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Radar.adml
|
XML 1.0 document, ASCII text, with very long lines (563), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ReAgent.adml
|
XML 1.0 document, ASCII text, with very long lines (483), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Reliability.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\RemoteAssistance.adml
|
XML 1.0 document, ASCII text, with very long lines (455), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\RemovableStorage.adml
|
XML 1.0 document, ASCII text, with very long lines (302), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Scripts.adml
|
XML 1.0 document, ASCII text, with very long lines (331), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Securitycenter.adml
|
XML 1.0 document, ASCII text, with very long lines (622), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Sensors.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ServerManager.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (387), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Servicing.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (408), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\SettingSync.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Setup.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\SharedFolders.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Sharing.adml
|
XML 1.0 document, ASCII text, with very long lines (372), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Shell-CommandPrompt-RegEditTools.adml
|
XML 1.0 document, ASCII text, with very long lines (461), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\ShellWelcomeCenter.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Sidebar.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\SkyDrive.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (698), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Smartcard.adml
|
XML 1.0 document, ASCII text, with very long lines (505), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Snis.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Snmp.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\SoundRec.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\StartMenu.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (491), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\SystemRestore.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\TPM.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (751), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\TabletPCInputPanel.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (416), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\TabletShell.adml
|
XML 1.0 document, ASCII text, with very long lines (546), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\TaskScheduler.adml
|
XML 1.0 document, ASCII text, with very long lines (579), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Taskbar.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (325), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\TerminalServer-Server.adml
|
XML 1.0 document, ASCII text, with very long lines (495), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\TerminalServer.adml
|
XML 1.0 document, ASCII text, with very long lines (638), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Thumbnails.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\TouchInput.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\UserProfiles.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (658), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\VolumeEncryption.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (1087), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\W32Time.adml
|
XML 1.0 document, ASCII text, with very long lines (721), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WCM.adml
|
XML 1.0 document, ASCII text, with very long lines (583), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WDI.adml
|
XML 1.0 document, ASCII text, with very long lines (513), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WPN.adml
|
XML 1.0 document, ASCII text, with very long lines (369), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WinCal.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WinInit.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WinLogon.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (530), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Windows.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsAnytimeUpgrade.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsBackup.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsColorSystem.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsConnectNow.adml
|
XML 1.0 document, ASCII text, with very long lines (333), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsDefender.adml
|
Unicode text, UTF-8 text, with very long lines (733), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsExplorer.adml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (989), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsFileProtection.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsFirewall.adml
|
XML 1.0 document, ASCII text, with very long lines (1085), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsMail.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsMediaDRM.adml
|
XML 1.0 document, ASCII text, with very long lines (432), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsMediaPlayer.adml
|
XML 1.0 document, ASCII text, with very long lines (560), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsMessenger.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsProducts.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsRemoteManagement.adml
|
XML 1.0 document, ASCII text, with very long lines (354), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsRemoteShell.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsServer.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WindowsUpdate.adml
|
XML 1.0 document, ASCII text, with very long lines (561), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\Winsrv.adml
|
XML 1.0 document, ASCII text, with very long lines (336), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WordWheel.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WorkFolders-Client.adml
|
XML 1.0 document, ASCII text, with very long lines (591), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\WorkplaceJoin.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\fthsvc.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\hotspotauth.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\iSCSI.adml
|
XML 1.0 document, ASCII text, with very long lines (402), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\msched.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\nca.adml
|
Unicode text, UTF-8 text, with very long lines (532), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\pca.adml
|
XML 1.0 document, ASCII text, with very long lines (379), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\sdiageng.adml
|
XML 1.0 document, ASCII text, with very long lines (423), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\srm-fci.adml
|
XML 1.0 document, ASCII text, with very long lines (472), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\tcpip.adml
|
XML 1.0 document, ASCII text, with very long lines (431), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\wlansvc.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\en-US\wwansvc.adml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\icudtl.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\Data\v8_context_snapshot.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\StarBurn.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\isjii
|
Atari 68xxx CPX file (version 4d53)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\looelll
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\msvcp100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VWPGdipf\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\jcysbXpH.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
There are 215 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\IaslcsMo.ps1"
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\Set-up.exe
|
"C:\Users\user\AppData\Roaming\VWPGdipf\Set-up.exe"
|
|
|
|
C:\Windows\SysWOW64\more.com
|
C:\Windows\SysWOW64\more.com
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\Set-up.exe
|
"C:\Users\user\AppData\Roaming\VWPGdipf\Set-up.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\SysWOW64\msiexec.exe
|
|
|
|
C:\Windows\SysWOW64\more.com
|
C:\Windows\SysWOW64\more.com
|
|
|
|
C:\Users\user\AppData\Roaming\VWPGdipf\Set-up.exe
|
"C:\Users\user\AppData\Roaming\VWPGdipf\Set-up.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\SysWOW64\msiexec.exe
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell -exec bypass -f "C:\Users\user\AppData\Local\Temp\S8RGGAQW7QVSMBVCVHPY4.ps1"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://marchhappen.cyou/api
|
104.21.2.224
|
|
|
|
marchhappen.cyou
|
|
||
|
http://repository.certum.pl/ctsca2021.cer0A
|
unknown
|
||
|
http://crl.certum.pl/ctsca2021.crl0o
|
unknown
|
||
|
https://downloads.reneelab.com/passnow/passnow_cnhttps://downloads.reneelab.com.cn/passnow/passnow_x
|
unknown
|
||
|
https://www.digicert.c
|
unknown
|
||
|
http://www.vmware.com/0
|
unknown
|
||
|
http://support.reneelab.com/anonymous_requests/newstore/buy-renee-passnowentrare-nel-bios.htmlItalia
|
unknown
|
||
|
http://support.reneelab.com/anonymous_requests/new
|
unknown
|
||
|
http://www.reneelab.fr/
|
unknown
|
||
|
https://downloads.reneelab.com.cn/download_api.php
|
unknown
|
||
|
http://www.reneelab.it/
|
unknown
|
||
|
http://xml.org/sax/features/namespace-prefixes
|
unknown
|
||
|
http://contoso.com/rdweb/Feed/webfeed.aspx.
|
unknown
|
||
|
http://www.reneelab.biz/
|
unknown
|
||
|
https://downloads.reneelab.com/download_api.php
|
unknown
|
||
|
http://bug.reneelab.com
|
unknown
|
||
|
http://www.reneelab.cc/
|
unknown
|
||
|
http://qt.digia.com/
|
unknown
|
||
|
http://www.reneelab.ru/
|
unknown
|
||
|
http://www.reneelab.de/
|
unknown
|
||
|
http://subca.ocsp-certum.com05
|
unknown
|
||
|
http://b.chenall.net/menu.lst
|
unknown
|
||
|
http://isecure-a.reneelab.com/webapi.php?code=
|
unknown
|
||
|
http://subca.ocsp-certum.com02
|
unknown
|
||
|
http://www.phreedom.org/md5)41UTN-USERFirst-Hardware72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0D
|
unknown
|
||
|
http://grub4dos.chenall.net/e/%u)
|
unknown
|
||
|
http://subca.ocsp-certum.com01
|
unknown
|
||
|
http://crl.certum.pl/ctnca2.crl0l
|
unknown
|
||
|
http://repository.certum.pl/ctnca2.cer09
|
unknown
|
||
|
https://downloads.reneelab.com/download_api.phphttps://downloads.reneelab.com.cn/download_api.php?ac
|
unknown
|
||
|
http://www.reneelab.es/
|
unknown
|
||
|
http://www.reneelab.de/product-land-237.htmlhttp://support.reneelab.com/anonymous_requests/newstore/
|
unknown
|
||
|
http://www.trialpay.com/productpage/?c=3016dc6&tid=6rpipbo
|
unknown
|
||
|
https://www.reneelab.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.reneelab.com/product-land-188.htmlhttp://support.reneelab.com/anonymous_requests/newstore
|
unknown
|
||
|
http://www.certum.pl/CPS0
|
unknown
|
||
|
http://bugreports.qt-project.org/
|
unknown
|
||
|
http://www.reneelab.com.cn/
|
unknown
|
||
|
http://www.reneelab.pl/
|
unknown
|
||
|
https://rentry.co/feouewe5/raw
|
172.67.75.40
|
||
|
http://trolltech.com/xml/features/report-whitespace-only-CharDatahttp://xml.org/sax/features/namespa
|
unknown
|
||
|
http://www.phreedom.org/md5)
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
http://repository.certum.pl/ctnca.cer09
|
unknown
|
||
|
http://www.reneelab.es/product-land-280.htmlhttp://support.reneelab.com/anonymous_requests/newstore/
|
unknown
|
||
|
https://www.reneelab.comwww.reneelab.comhttp://https://0
|
unknown
|
||
|
http://bug.reneelab.com/psw_report.phpLicenseCodePSW_RENEELB_WINx86_20201003User
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://crl.certum.pl/ctnca.crl0k
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://www.reneelab.kr/
|
unknown
|
||
|
http://www.reneelab.jp/
|
unknown
|
||
|
http://xml.org/sax/features/namespaces
|
unknown
|
||
|
http://isecure.reneelab.com.cn/webapi.php?code=
|
unknown
|
||
|
http://www.winimage.com/zLibDll1.2.6
|
unknown
|
||
|
http://www.vmware.com/0/
|
unknown
|
||
|
https://downloads.reneelab.com/passnow/passnow_
|
unknown
|
||
|
http://www.reneelab.net/
|
unknown
|
||
|
https://www.certum.pl/CPS0
|
unknown
|
||
|
http://qt.digia.com/product/licensing
|
unknown
|
||
|
http://c0rl.m%L
|
unknown
|
||
|
http://trolltech.com/xml/features/report-start-end-entityUnknown
|
unknown
|
||
|
http://www.reneelab.net//reset-windows-password.htmlhttp://support.reneelab.com/anonymous_requests/n
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.reneelab.com.cn/product-land-286.htmlhttp://support.reneelab.com/anonymous_requests/newst
|
unknown
|
||
|
http://www.reneelab.it/reimpostare-passwordi-di-windows-login.html
|
unknown
|
||
|
http://isecure.reneelab.com.cn/webapi.php?code=http://isecure-a.reneelab.com/webapi.php?code=http://
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://www.info-zip.org/
|
unknown
|
||
|
http://trolltech.com/xml/features/report-start-end-entity
|
unknown
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
http://www.reneelab.com/
|
unknown
|
||
|
http://isecure.reneelab.com/webapi.php?code=
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://bugreports.qt-project.org/QHttpNetworkConnectionChannel::_q_receiveReply()
|
unknown
|
||
|
http://www.reneelab.jp/product-land-286.htmlhttp://support.reneelab.com/anonymous_requests/newstore/
|
unknown
|
||
|
http://trolltech.com/xml/features/report-whitespace-only-CharData
|
unknown
|
||
|
https://downloads.reneelab.com.cn/passnow/passnow_
|
unknown
|
||
|
http://www.reneelab.biz/redefinir-senha-de-admin-logon-windows.htmlhttp://support.reneelab.com/anony
|
unknown
|
||
|
http://www.reneelab.pl/product-land-280.htmlhttp://support.reneelab.com/anonymous_requests/newpurcha
|
unknown
|
There are 75 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
marchhappen.cyou
|
104.21.2.224
|
|
|
|
rentry.co
|
172.67.75.40
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.2.224
|
marchhappen.cyou
|
United States
|
|
|
|
172.67.75.40
|
rentry.co
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
NetUtilityApp
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5700000
|
direct allocation
|
page read and write
|
|
|
|
4397000
|
trusted library allocation
|
page read and write
|
|
|
|
3706000
|
heap
|
page read and write
|
|
|
|
5194000
|
trusted library allocation
|
page read and write
|
|
|
|
3ADE000
|
heap
|
page read and write
|
|
|
|
5043000
|
trusted library allocation
|
page read and write
|
|
|
|
3A7A000
|
heap
|
page read and write
|
|
|
|
50EF000
|
trusted library allocation
|
page read and write
|
|
|
|
624F000
|
unkown
|
page read and write
|
||
|
337A000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
2E8C000
|
stack
|
page read and write
|
||
|
6378000
|
unkown
|
page read and write
|
||
|
61F5000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
3448000
|
heap
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
18E51EF0000
|
heap
|
page read and write
|
||
|
5250000
|
direct allocation
|
page read and write
|
||
|
3B1000
|
unkown
|
page execute read
|
||
|
450E000
|
stack
|
page read and write
|
||
|
61D2000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
344F000
|
heap
|
page read and write
|
||
|
6F0CA000
|
unkown
|
page read and write
|
||
|
18E624D1000
|
trusted library allocation
|
page read and write
|
||
|
18E530EE000
|
trusted library allocation
|
page read and write
|
||
|
DE8000
|
unkown
|
page readonly
|
||
|
61B5000
|
unkown
|
page read and write
|
||
|
6BD6E000
|
unkown
|
page read and write
|
||
|
4A65000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
18E53F31000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
18E54556000
|
trusted library allocation
|
page read and write
|
||
|
18E526F9000
|
trusted library allocation
|
page read and write
|
||
|
FAC000
|
stack
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
18E52FBA000
|
trusted library allocation
|
page read and write
|
||
|
18E53521000
|
trusted library allocation
|
page read and write
|
||
|
6203000
|
unkown
|
page read and write
|
||
|
55B1000
|
unkown
|
page read and write
|
||
|
344D000
|
heap
|
page read and write
|
||
|
6203000
|
unkown
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
4029000
|
trusted library allocation
|
page read and write
|
||
|
6BB50000
|
unkown
|
page readonly
|
||
|
61A7000
|
unkown
|
page read and write
|
||
|
3C4D000
|
trusted library allocation
|
page read and write
|
||
|
61BF000
|
unkown
|
page read and write
|
||
|
18E53315000
|
trusted library allocation
|
page read and write
|
||
|
18E67541000
|
trusted library allocation
|
page read and write
|
||
|
252C000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
6350000
|
unkown
|
page read and write
|
||
|
6EFD1000
|
unkown
|
page execute read
|
||
|
6D47000
|
heap
|
page read and write
|
||
|
3C6D000
|
heap
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute read
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61A7000
|
unkown
|
page read and write
|
||
|
263F000
|
stack
|
page read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
61A9000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E530A5000
|
trusted library allocation
|
page read and write
|
||
|
624D000
|
unkown
|
page read and write
|
||
|
6BD71000
|
unkown
|
page readonly
|
||
|
44BE000
|
stack
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
1E9000
|
unkown
|
page write copy
|
||
|
18E53493000
|
trusted library allocation
|
page read and write
|
||
|
18E534C4000
|
trusted library allocation
|
page read and write
|
||
|
61E8000
|
unkown
|
page read and write
|
||
|
61A2000
|
unkown
|
page read and write
|
||
|
6BD91000
|
unkown
|
page execute read
|
||
|
18E52FB8000
|
trusted library allocation
|
page read and write
|
||
|
DE8000
|
unkown
|
page readonly
|
||
|
3ED6000
|
unkown
|
page read and write
|
||
|
6C837000
|
unkown
|
page write copy
|
||
|
18E5243A000
|
heap
|
page read and write
|
||
|
61D2000
|
unkown
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
18E53CA8000
|
trusted library allocation
|
page read and write
|
||
|
6F0C7000
|
unkown
|
page write copy
|
||
|
6BD6D000
|
unkown
|
page write copy
|
||
|
56E1000
|
trusted library allocation
|
page read and write
|
||
|
6EEF000
|
stack
|
page read and write
|
||
|
DE3000
|
unkown
|
page write copy
|
||
|
6C5D1000
|
unkown
|
page execute read
|
||
|
54B1000
|
unkown
|
page read and write
|
||
|
6D38000
|
heap
|
page read and write
|
||
|
6213000
|
unkown
|
page read and write
|
||
|
6F0C7000
|
unkown
|
page write copy
|
||
|
27CD000
|
heap
|
page read and write
|
||
|
61FA000
|
unkown
|
page read and write
|
||
|
4811000
|
unkown
|
page read and write
|
||
|
246C000
|
stack
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
63B2000
|
unkown
|
page read and write
|
||
|
18E53049000
|
trusted library allocation
|
page read and write
|
||
|
331A2FE000
|
stack
|
page read and write
|
||
|
61A1000
|
unkown
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
2699000
|
trusted library allocation
|
page read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
48AE000
|
trusted library allocation
|
page read and write
|
||
|
18E53A6B000
|
trusted library allocation
|
page read and write
|
||
|
6BC10000
|
unkown
|
page readonly
|
||
|
6BD29000
|
unkown
|
page readonly
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
6C73A000
|
unkown
|
page readonly
|
||
|
6C5D1000
|
unkown
|
page execute read
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
18E5044F000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E52E67000
|
trusted library allocation
|
page read and write
|
||
|
35E4000
|
heap
|
page read and write
|
||
|
61AF000
|
unkown
|
page read and write
|
||
|
6E30000
|
trusted library allocation
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
18E52CF0000
|
trusted library allocation
|
page read and write
|
||
|
61D7000
|
unkown
|
page read and write
|
||
|
40F6000
|
unkown
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
18E535FD000
|
trusted library allocation
|
page read and write
|
||
|
3BAF000
|
heap
|
page read and write
|
||
|
61E8000
|
unkown
|
page read and write
|
||
|
18E50300000
|
heap
|
page read and write
|
||
|
18E53552000
|
trusted library allocation
|
page read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
331A4FE000
|
stack
|
page read and write
|
||
|
61ED000
|
unkown
|
page read and write
|
||
|
18E53C1A000
|
trusted library allocation
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
12FE000
|
stack
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
6BD91000
|
unkown
|
page execute read
|
||
|
33AE000
|
heap
|
page read and write
|
||
|
237F000
|
stack
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
6BD90000
|
unkown
|
page readonly
|
||
|
33B0000
|
direct allocation
|
page read and write
|
||
|
191000
|
unkown
|
page execute read
|
||
|
52DD000
|
direct allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
3518000
|
heap
|
page read and write
|
||
|
33FC000
|
heap
|
page read and write
|
||
|
18E530D8000
|
trusted library allocation
|
page read and write
|
||
|
18E53990000
|
trusted library allocation
|
page read and write
|
||
|
18E53EE9000
|
trusted library allocation
|
page read and write
|
||
|
18E5317D000
|
trusted library allocation
|
page read and write
|
||
|
18E52D4D000
|
trusted library allocation
|
page read and write
|
||
|
6BC03000
|
unkown
|
page read and write
|
||
|
61FF000
|
unkown
|
page read and write
|
||
|
6BD91000
|
unkown
|
page execute read
|
||
|
6C5D0000
|
unkown
|
page readonly
|
||
|
331B48C000
|
stack
|
page read and write
|
||
|
6C548000
|
unkown
|
page read and write
|
||
|
6216000
|
unkown
|
page read and write
|
||
|
1352000
|
heap
|
page read and write
|
||
|
18E53F90000
|
trusted library allocation
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
18E52CBE000
|
trusted library allocation
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
331A3FB000
|
stack
|
page read and write
|
||
|
13E7000
|
heap
|
page read and write
|
||
|
3437000
|
heap
|
page read and write
|
||
|
7A40000
|
trusted library allocation
|
page read and write
|
||
|
7A60000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
unkown
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
61DF000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
61B1000
|
unkown
|
page read and write
|
||
|
18E53DDF000
|
trusted library allocation
|
page read and write
|
||
|
61B2000
|
unkown
|
page read and write
|
||
|
343B000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
6245000
|
unkown
|
page read and write
|
||
|
6C32E000
|
unkown
|
page readonly
|
||
|
4450000
|
direct allocation
|
page read and write
|
||
|
6BC6E000
|
unkown
|
page read and write
|
||
|
4560000
|
unkown
|
page read and write
|
||
|
DE4000
|
unkown
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
344D000
|
heap
|
page read and write
|
||
|
18E53EA3000
|
trusted library allocation
|
page read and write
|
||
|
18E52E0D000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
direct allocation
|
page read and write
|
||
|
61DF000
|
unkown
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
3F50000
|
unkown
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
27DB000
|
heap
|
page read and write
|
||
|
3398000
|
heap
|
page read and write
|
||
|
387D000
|
heap
|
page read and write
|
||
|
61FE000
|
unkown
|
page read and write
|
||
|
342E000
|
heap
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
49EB000
|
trusted library allocation
|
page read and write
|
||
|
61A0000
|
unkown
|
page read and write
|
||
|
6BD71000
|
unkown
|
page readonly
|
||
|
18E5329C000
|
trusted library allocation
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
6BC81000
|
unkown
|
page execute read
|
||
|
6216000
|
unkown
|
page read and write
|
||
|
18E52412000
|
heap
|
page read and write
|
||
|
61D4000
|
unkown
|
page read and write
|
||
|
6418000
|
unkown
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
13EA000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
61BA000
|
unkown
|
page read and write
|
||
|
7A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
6BC72000
|
unkown
|
page readonly
|
||
|
6BC08000
|
unkown
|
page readonly
|
||
|
61B1000
|
unkown
|
page read and write
|
||
|
52D9000
|
direct allocation
|
page read and write
|
||
|
18E5456A000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
4D4F000
|
heap
|
page read and write
|
||
|
6F023000
|
unkown
|
page readonly
|
||
|
6BC6E000
|
unkown
|
page read and write
|
||
|
61FE000
|
unkown
|
page read and write
|
||
|
18E54A3D000
|
trusted library allocation
|
page read and write
|
||
|
6C83B000
|
unkown
|
page readonly
|
||
|
6C837000
|
unkown
|
page write copy
|
||
|
18E53438000
|
trusted library allocation
|
page read and write
|
||
|
18E52479000
|
heap
|
page read and write
|
||
|
342E000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
6070000
|
unkown
|
page read and write
|
||
|
62A9000
|
unkown
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
5D6E000
|
stack
|
page read and write
|
||
|
61BC000
|
unkown
|
page read and write
|
||
|
3437000
|
heap
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
6BC72000
|
unkown
|
page readonly
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
3427000
|
heap
|
page read and write
|
||
|
18E53B58000
|
trusted library allocation
|
page read and write
|
||
|
6F030000
|
unkown
|
page readonly
|
||
|
4080000
|
unkown
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
18E52414000
|
heap
|
page read and write
|
||
|
2683000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F9000
|
unkown
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page read and write
|
||
|
5229000
|
direct allocation
|
page read and write
|
||
|
6C54C000
|
unkown
|
page readonly
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61BA000
|
unkown
|
page read and write
|
||
|
56C000
|
stack
|
page read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
4893000
|
trusted library allocation
|
page read and write
|
||
|
18E5042F000
|
heap
|
page read and write
|
||
|
27EF000
|
stack
|
page read and write
|
||
|
EAC000
|
stack
|
page read and write
|
||
|
6BD6D000
|
unkown
|
page write copy
|
||
|
6F0CA000
|
unkown
|
page read and write
|
||
|
18E531AF000
|
trusted library allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
61B5000
|
unkown
|
page read and write
|
||
|
18E531B1000
|
trusted library allocation
|
page read and write
|
||
|
6D10000
|
heap
|
page read and write
|
||
|
18E53A6D000
|
trusted library allocation
|
page read and write
|
||
|
7A50000
|
trusted library allocation
|
page read and write
|
||
|
6257000
|
unkown
|
page read and write
|
||
|
621C000
|
unkown
|
page read and write
|
||
|
61B3000
|
unkown
|
page read and write
|
||
|
18E523BF000
|
heap
|
page read and write
|
||
|
18E52CF2000
|
trusted library allocation
|
page read and write
|
||
|
18E51DC0000
|
trusted library allocation
|
page read and write
|
||
|
68DB000
|
stack
|
page read and write
|
||
|
18E53767000
|
trusted library allocation
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
6BC03000
|
unkown
|
page read and write
|
||
|
6C73A000
|
unkown
|
page readonly
|
||
|
606E000
|
stack
|
page read and write
|
||
|
18E533EE000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
trusted library allocation
|
page read and write
|
||
|
6205000
|
unkown
|
page read and write
|
||
|
18E53C61000
|
trusted library allocation
|
page read and write
|
||
|
6AEF000
|
stack
|
page read and write
|
||
|
42BD000
|
unkown
|
page read and write
|
||
|
4669000
|
unkown
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
3441000
|
heap
|
page read and write
|
||
|
68BE000
|
unkown
|
page read and write
|
||
|
61FD000
|
unkown
|
page read and write
|
||
|
18E534DA000
|
trusted library allocation
|
page read and write
|
||
|
18E53645000
|
trusted library allocation
|
page read and write
|
||
|
18E52248000
|
heap
|
page read and write
|
||
|
18E53D4E000
|
trusted library allocation
|
page read and write
|
||
|
61A9000
|
unkown
|
page read and write
|
||
|
18E53798000
|
trusted library allocation
|
page read and write
|
||
|
18E5308F000
|
trusted library allocation
|
page read and write
|
||
|
3433000
|
heap
|
page read and write
|
||
|
18E53001000
|
trusted library allocation
|
page read and write
|
||
|
18E53751000
|
trusted library allocation
|
page read and write
|
||
|
6E40000
|
heap
|
page execute and read and write
|
||
|
FAB000
|
stack
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
18E52F86000
|
trusted library allocation
|
page read and write
|
||
|
18E52EE3000
|
trusted library allocation
|
page read and write
|
||
|
323A000
|
stack
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E52C87000
|
trusted library allocation
|
page read and write
|
||
|
18E549AD000
|
trusted library allocation
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
6BC10000
|
unkown
|
page readonly
|
||
|
18E53827000
|
trusted library allocation
|
page read and write
|
||
|
6C839000
|
unkown
|
page read and write
|
||
|
331A9BE000
|
stack
|
page read and write
|
||
|
3771000
|
heap
|
page read and write
|
||
|
6206000
|
unkown
|
page read and write
|
||
|
1453000
|
heap
|
page read and write
|
||
|
61A7000
|
unkown
|
page read and write
|
||
|
61A7000
|
unkown
|
page read and write
|
||
|
61AF000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
6F009000
|
unkown
|
page readonly
|
||
|
6E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
61BA000
|
unkown
|
page read and write
|
||
|
6238000
|
unkown
|
page read and write
|
||
|
3CD2000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
4F0A000
|
heap
|
page read and write
|
||
|
3441000
|
heap
|
page read and write
|
||
|
18E52F29000
|
trusted library allocation
|
page read and write
|
||
|
18E5323E000
|
trusted library allocation
|
page read and write
|
||
|
26AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
18E53EFF000
|
trusted library allocation
|
page read and write
|
||
|
18E549AF000
|
trusted library allocation
|
page read and write
|
||
|
6213000
|
unkown
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
18E52F3F000
|
trusted library allocation
|
page read and write
|
||
|
3443000
|
heap
|
page read and write
|
||
|
61A6000
|
unkown
|
page read and write
|
||
|
4620000
|
heap
|
page execute and read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
3319F45000
|
stack
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
18E53C30000
|
trusted library allocation
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
18E549F3000
|
trusted library allocation
|
page read and write
|
||
|
405000
|
unkown
|
page readonly
|
||
|
49BD000
|
trusted library allocation
|
page read and write
|
||
|
6216000
|
unkown
|
page read and write
|
||
|
265F000
|
stack
|
page read and write
|
||
|
2FD5000
|
heap
|
page read and write
|
||
|
331B40E000
|
stack
|
page read and write
|
||
|
864000
|
unkown
|
page readonly
|
||
|
18E549C3000
|
trusted library allocation
|
page read and write
|
||
|
331A7BA000
|
stack
|
page read and write
|
||
|
18E5383E000
|
trusted library allocation
|
page read and write
|
||
|
142E000
|
stack
|
page read and write
|
||
|
6F009000
|
unkown
|
page readonly
|
||
|
644B000
|
unkown
|
page read and write
|
||
|
2EBC000
|
stack
|
page read and write
|
||
|
18E52E51000
|
trusted library allocation
|
page read and write
|
||
|
6B92000
|
heap
|
page read and write
|
||
|
16EE000
|
stack
|
page read and write
|
||
|
61DF000
|
unkown
|
page read and write
|
||
|
5D00000
|
remote allocation
|
page read and write
|
||
|
61E6000
|
unkown
|
page read and write
|
||
|
2680000
|
trusted library allocation
|
page read and write
|
||
|
61BF000
|
unkown
|
page read and write
|
||
|
4880000
|
trusted library allocation
|
page read and write
|
||
|
6BC81000
|
unkown
|
page execute read
|
||
|
62A1000
|
unkown
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
61DF000
|
unkown
|
page read and write
|
||
|
44C0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
5100000
|
direct allocation
|
page read and write
|
||
|
342F000
|
heap
|
page read and write
|
||
|
E5E000
|
stack
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
6F0DF000
|
unkown
|
page read and write
|
||
|
5F1F000
|
stack
|
page read and write
|
||
|
7A90000
|
heap
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
48A8000
|
trusted library allocation
|
page read and write
|
||
|
61A2000
|
unkown
|
page read and write
|
||
|
6300000
|
unkown
|
page read and write
|
||
|
1421000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
5EDE000
|
stack
|
page read and write
|
||
|
61B4000
|
unkown
|
page read and write
|
||
|
26B2000
|
trusted library allocation
|
page read and write
|
||
|
61A7000
|
unkown
|
page read and write
|
||
|
3EA0000
|
trusted library allocation
|
page read and write
|
||
|
18E53631000
|
trusted library allocation
|
page read and write
|
||
|
6F009000
|
unkown
|
page readonly
|
||
|
18E66141000
|
trusted library allocation
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
18E532CD000
|
trusted library allocation
|
page read and write
|
||
|
6D85000
|
heap
|
page read and write
|
||
|
61A1000
|
unkown
|
page read and write
|
||
|
EAC000
|
stack
|
page read and write
|
||
|
3419000
|
heap
|
page read and write
|
||
|
61B5000
|
unkown
|
page read and write
|
||
|
4911000
|
unkown
|
page read and write
|
||
|
61D8000
|
unkown
|
page read and write
|
||
|
4001000
|
unkown
|
page read and write
|
||
|
2E4C000
|
stack
|
page read and write
|
||
|
18E538CD000
|
trusted library allocation
|
page read and write
|
||
|
18E53EA1000
|
trusted library allocation
|
page read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
18E53CEF000
|
trusted library allocation
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
466D000
|
stack
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute read
|
||
|
61B5000
|
unkown
|
page read and write
|
||
|
61ED000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
620F000
|
unkown
|
page read and write
|
||
|
331A8BE000
|
stack
|
page read and write
|
||
|
3435000
|
heap
|
page read and write
|
||
|
2660000
|
direct allocation
|
page read and write
|
||
|
4420000
|
trusted library allocation
|
page read and write
|
||
|
61AD000
|
unkown
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
62C8000
|
unkown
|
page read and write
|
||
|
3F0A000
|
unkown
|
page read and write
|
||
|
6D6C000
|
heap
|
page read and write
|
||
|
5681000
|
trusted library allocation
|
page read and write
|
||
|
18E51E90000
|
heap
|
page execute and read and write
|
||
|
4180000
|
unkown
|
page read and write
|
||
|
4625000
|
heap
|
page execute and read and write
|
||
|
18E53915000
|
trusted library allocation
|
page read and write
|
||
|
61B2000
|
unkown
|
page read and write
|
||
|
61D7000
|
unkown
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
61A8000
|
unkown
|
page read and write
|
||
|
61AE000
|
unkown
|
page read and write
|
||
|
6C53F000
|
unkown
|
page write copy
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
18E53E27000
|
trusted library allocation
|
page read and write
|
||
|
6380000
|
unkown
|
page read and write
|
||
|
26B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
3438000
|
heap
|
page read and write
|
||
|
18E53FC1000
|
trusted library allocation
|
page read and write
|
||
|
18E64D41000
|
trusted library allocation
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61EA000
|
unkown
|
page read and write
|
||
|
18E531C5000
|
trusted library allocation
|
page read and write
|
||
|
23A6000
|
heap
|
page read and write
|
||
|
457D000
|
direct allocation
|
page read and write
|
||
|
37CA000
|
heap
|
page read and write
|
||
|
3153000
|
unkown
|
page read and write
|
||
|
61DE000
|
unkown
|
page read and write
|
||
|
6C782000
|
unkown
|
page readonly
|
||
|
DE8000
|
unkown
|
page readonly
|
||
|
6F030000
|
unkown
|
page readonly
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
6C839000
|
unkown
|
page read and write
|
||
|
18E64341000
|
trusted library allocation
|
page read and write
|
||
|
18E538B9000
|
trusted library allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
3FCD000
|
trusted library allocation
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
DE3000
|
unkown
|
page write copy
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
529E000
|
direct allocation
|
page read and write
|
||
|
6239000
|
unkown
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
320E000
|
heap
|
page read and write
|
||
|
2F75000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
18E53BD1000
|
trusted library allocation
|
page read and write
|
||
|
42B7000
|
unkown
|
page read and write
|
||
|
54B0000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61E0000
|
unkown
|
page read and write
|
||
|
5CFD000
|
stack
|
page read and write
|
||
|
61F5000
|
unkown
|
page read and write
|
||
|
18E533A8000
|
trusted library allocation
|
page read and write
|
||
|
18E54A51000
|
trusted library allocation
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
56A9000
|
trusted library allocation
|
page read and write
|
||
|
3423000
|
heap
|
page read and write
|
||
|
6C73A000
|
unkown
|
page readonly
|
||
|
18E52EAF000
|
trusted library allocation
|
page read and write
|
||
|
6BB51000
|
unkown
|
page execute read
|
||
|
5A7D000
|
stack
|
page read and write
|
||
|
18E523C9000
|
heap
|
page read and write
|
||
|
18E53E10000
|
trusted library allocation
|
page read and write
|
||
|
61BA000
|
unkown
|
page read and write
|
||
|
18E53318000
|
trusted library allocation
|
page read and write
|
||
|
18E53167000
|
trusted library allocation
|
page read and write
|
||
|
61AC000
|
unkown
|
page read and write
|
||
|
6BC10000
|
unkown
|
page readonly
|
||
|
3433000
|
heap
|
page read and write
|
||
|
DE3000
|
unkown
|
page write copy
|
||
|
32F7000
|
heap
|
page read and write
|
||
|
4460000
|
unkown
|
page read and write
|
||
|
18E5043D000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61B5000
|
unkown
|
page read and write
|
||
|
677E000
|
stack
|
page read and write
|
||
|
6F0E0000
|
unkown
|
page readonly
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61F5000
|
unkown
|
page read and write
|
||
|
18E53872000
|
trusted library allocation
|
page read and write
|
||
|
61C7000
|
unkown
|
page read and write
|
||
|
5E6F000
|
stack
|
page read and write
|
||
|
DE3000
|
unkown
|
page write copy
|
||
|
18E53886000
|
trusted library allocation
|
page read and write
|
||
|
134F000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
18E52D7D000
|
trusted library allocation
|
page read and write
|
||
|
6214000
|
unkown
|
page read and write
|
||
|
18E50330000
|
heap
|
page read and write
|
||
|
61F0000
|
unkown
|
page read and write
|
||
|
18E52FCE000
|
trusted library allocation
|
page read and write
|
||
|
6EFD0000
|
unkown
|
page readonly
|
||
|
18E65741000
|
trusted library allocation
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
49B2000
|
trusted library allocation
|
page read and write
|
||
|
331A5F8000
|
stack
|
page read and write
|
||
|
18E53A38000
|
trusted library allocation
|
page read and write
|
||
|
18E53F48000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
3448000
|
heap
|
page read and write
|
||
|
6F0C7000
|
unkown
|
page write copy
|
||
|
18E52D06000
|
trusted library allocation
|
page read and write
|
||
|
61BA000
|
unkown
|
page read and write
|
||
|
18E532E4000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page read and write
|
||
|
18E537F6000
|
trusted library allocation
|
page read and write
|
||
|
61DE000
|
unkown
|
page read and write
|
||
|
24AC000
|
stack
|
page read and write
|
||
|
3428000
|
heap
|
page read and write
|
||
|
18E53F7C000
|
trusted library allocation
|
page read and write
|
||
|
18E53D83000
|
trusted library allocation
|
page read and write
|
||
|
3B4A000
|
heap
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
18E53947000
|
trusted library allocation
|
page read and write
|
||
|
18E52EE1000
|
trusted library allocation
|
page read and write
|
||
|
6BD29000
|
unkown
|
page readonly
|
||
|
6BC08000
|
unkown
|
page readonly
|
||
|
6BC11000
|
unkown
|
page execute read
|
||
|
61AC000
|
unkown
|
page read and write
|
||
|
3437000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
18E51D90000
|
trusted library allocation
|
page read and write
|
||
|
18E535E7000
|
trusted library allocation
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
534E000
|
direct allocation
|
page read and write
|
||
|
18E549D6000
|
trusted library allocation
|
page read and write
|
||
|
6F022000
|
unkown
|
page read and write
|
||
|
6B2E000
|
stack
|
page read and write
|
||
|
3B0000
|
unkown
|
page readonly
|
||
|
1244000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
6EFD1000
|
unkown
|
page execute read
|
||
|
18E533BC000
|
trusted library allocation
|
page read and write
|
||
|
621E000
|
unkown
|
page read and write
|
||
|
18E53D81000
|
trusted library allocation
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
5689000
|
trusted library allocation
|
page read and write
|
||
|
6F022000
|
unkown
|
page read and write
|
||
|
DE4000
|
unkown
|
page read and write
|
||
|
6C5D0000
|
unkown
|
page readonly
|
||
|
6F022000
|
unkown
|
page read and write
|
||
|
18E50433000
|
heap
|
page read and write
|
||
|
6BD6E000
|
unkown
|
page read and write
|
||
|
18E53418000
|
trusted library allocation
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
18E50390000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
6F031000
|
unkown
|
page execute read
|
||
|
489C000
|
trusted library allocation
|
page read and write
|
||
|
331A63E000
|
stack
|
page read and write
|
||
|
18E530DA000
|
trusted library allocation
|
page read and write
|
||
|
6BC72000
|
unkown
|
page readonly
|
||
|
61F5000
|
unkown
|
page read and write
|
||
|
3A88000
|
heap
|
page read and write
|
||
|
6C5D1000
|
unkown
|
page execute read
|
||
|
18E53E59000
|
trusted library allocation
|
page read and write
|
||
|
61A9000
|
unkown
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
18E53EEB000
|
trusted library allocation
|
page read and write
|
||
|
6BD6D000
|
unkown
|
page write copy
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
2527000
|
heap
|
page read and write
|
||
|
61B8000
|
unkown
|
page read and write
|
||
|
3444000
|
heap
|
page read and write
|
||
|
18E53BA0000
|
trusted library allocation
|
page read and write
|
||
|
18E52E99000
|
trusted library allocation
|
page read and write
|
||
|
6227000
|
unkown
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
50A6000
|
trusted library allocation
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
23EE000
|
stack
|
page read and write
|
||
|
18E53404000
|
trusted library allocation
|
page read and write
|
||
|
3433000
|
heap
|
page read and write
|
||
|
18E5347C000
|
trusted library allocation
|
page read and write
|
||
|
6BB51000
|
unkown
|
page execute read
|
||
|
67BA000
|
stack
|
page read and write
|
||
|
61DF000
|
unkown
|
page read and write
|
||
|
4FFA000
|
trusted library allocation
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute read
|
||
|
48EE000
|
trusted library allocation
|
page read and write
|
||
|
18E53E6F000
|
trusted library allocation
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E5311F000
|
trusted library allocation
|
page read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
61FB000
|
unkown
|
page read and write
|
||
|
18E53B42000
|
trusted library allocation
|
page read and write
|
||
|
18E52480000
|
heap
|
page execute and read and write
|
||
|
152F000
|
stack
|
page read and write
|
||
|
138E000
|
heap
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
61B4000
|
unkown
|
page read and write
|
||
|
18E52E0A000
|
trusted library allocation
|
page read and write
|
||
|
61FD000
|
unkown
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
331A27E000
|
stack
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
3456000
|
heap
|
page read and write
|
||
|
6BC81000
|
unkown
|
page execute read
|
||
|
6BC05000
|
unkown
|
page write copy
|
||
|
18E53992000
|
trusted library allocation
|
page read and write
|
||
|
61DE000
|
unkown
|
page read and write
|
||
|
46B2000
|
unkown
|
page read and write
|
||
|
331A579000
|
stack
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
689D000
|
stack
|
page read and write
|
||
|
18E624FF000
|
trusted library allocation
|
page read and write
|
||
|
2EEA000
|
heap
|
page read and write
|
||
|
61B5000
|
unkown
|
page read and write
|
||
|
18E52DDA000
|
trusted library allocation
|
page read and write
|
||
|
18E537AE000
|
trusted library allocation
|
page read and write
|
||
|
6EFD0000
|
unkown
|
page readonly
|
||
|
54B1000
|
unkown
|
page read and write
|
||
|
6BC05000
|
unkown
|
page write copy
|
||
|
18E52E9B000
|
trusted library allocation
|
page read and write
|
||
|
61B7000
|
unkown
|
page read and write
|
||
|
537D000
|
direct allocation
|
page read and write
|
||
|
61B7000
|
unkown
|
page read and write
|
||
|
620F000
|
unkown
|
page read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
18E53F34000
|
trusted library allocation
|
page read and write
|
||
|
3415000
|
heap
|
page read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
62AF000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
6BC03000
|
unkown
|
page read and write
|
||
|
3C49000
|
trusted library allocation
|
page read and write
|
||
|
18E52370000
|
heap
|
page read and write
|
||
|
343D000
|
heap
|
page read and write
|
||
|
6C839000
|
unkown
|
page read and write
|
||
|
6214000
|
unkown
|
page read and write
|
||
|
61A1000
|
unkown
|
page read and write
|
||
|
18E524D1000
|
trusted library allocation
|
page read and write
|
||
|
4287000
|
unkown
|
page read and write
|
||
|
61BA000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute read
|
||
|
18E54A82000
|
trusted library allocation
|
page read and write
|
||
|
61BF000
|
unkown
|
page read and write
|
||
|
18E53169000
|
trusted library allocation
|
page read and write
|
||
|
6C83B000
|
unkown
|
page readonly
|
||
|
61AE000
|
unkown
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
62E0000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
331E000
|
unkown
|
page read and write
|
||
|
6EFD1000
|
unkown
|
page execute read
|
||
|
18E533A6000
|
trusted library allocation
|
page read and write
|
||
|
61A4000
|
unkown
|
page read and write
|
||
|
18E50439000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
522D000
|
direct allocation
|
page read and write
|
||
|
18E53A81000
|
trusted library allocation
|
page read and write
|
||
|
EC000
|
stack
|
page read and write
|
||
|
18E53C1C000
|
trusted library allocation
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
6227000
|
unkown
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
514B000
|
trusted library allocation
|
page read and write
|
||
|
3F00000
|
trusted library allocation
|
page read and write
|
||
|
3443000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
4670000
|
heap
|
page execute and read and write
|
||
|
18E51E97000
|
heap
|
page execute and read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
61AD000
|
unkown
|
page read and write
|
||
|
3433000
|
heap
|
page read and write
|
||
|
18E5496B000
|
trusted library allocation
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
6F031000
|
unkown
|
page execute read
|
||
|
51B0000
|
direct allocation
|
page read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
61FC000
|
unkown
|
page read and write
|
||
|
DE8000
|
unkown
|
page readonly
|
||
|
128000
|
stack
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
5BFD000
|
stack
|
page read and write
|
||
|
44D7000
|
unkown
|
page read and write
|
||
|
68E0000
|
heap
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute read
|
||
|
2C6E000
|
heap
|
page read and write
|
||
|
2670000
|
trusted library allocation
|
page read and write
|
||
|
18E52E21000
|
trusted library allocation
|
page read and write
|
||
|
3206000
|
heap
|
page read and write
|
||
|
18E53FEB000
|
trusted library allocation
|
page read and write
|
||
|
18E538B7000
|
trusted library allocation
|
page read and write
|
||
|
61E3000
|
unkown
|
page read and write
|
||
|
18E53B8A000
|
trusted library allocation
|
page read and write
|
||
|
18E539EE000
|
trusted library allocation
|
page read and write
|
||
|
620E000
|
unkown
|
page read and write
|
||
|
622D000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
6C54C000
|
unkown
|
page readonly
|
||
|
6BD90000
|
unkown
|
page readonly
|
||
|
5BBF000
|
stack
|
page read and write
|
||
|
6F023000
|
unkown
|
page readonly
|
||
|
3411000
|
heap
|
page read and write
|
||
|
6BD90000
|
unkown
|
page readonly
|
||
|
3270000
|
heap
|
page read and write
|
||
|
3770000
|
heap
|
page read and write
|
||
|
18E53C77000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page execute and read and write
|
||
|
61BA000
|
unkown
|
page read and write
|
||
|
6BD71000
|
unkown
|
page readonly
|
||
|
61AF000
|
unkown
|
page read and write
|
||
|
6BC05000
|
unkown
|
page write copy
|
||
|
61CB000
|
unkown
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page read and write
|
||
|
148A000
|
heap
|
page read and write
|
||
|
49A2000
|
trusted library allocation
|
page read and write
|
||
|
331A739000
|
stack
|
page read and write
|
||
|
1D1000
|
unkown
|
page readonly
|
||
|
6C548000
|
unkown
|
page read and write
|
||
|
33F7000
|
heap
|
page read and write
|
||
|
61BC000
|
unkown
|
page read and write
|
||
|
331A93C000
|
stack
|
page read and write
|
||
|
6D7D000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
864000
|
unkown
|
page readonly
|
||
|
61E8000
|
unkown
|
page read and write
|
||
|
DE3000
|
unkown
|
page write copy
|
||
|
18E51EF5000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E5497C000
|
trusted library allocation
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
6BC08000
|
unkown
|
page readonly
|
||
|
864000
|
unkown
|
page readonly
|
||
|
3444000
|
heap
|
page read and write
|
||
|
18E53677000
|
trusted library allocation
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
36B0000
|
heap
|
page read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
7A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
447E000
|
stack
|
page read and write
|
||
|
5F60000
|
heap
|
page read and write
|
||
|
18E53B10000
|
trusted library allocation
|
page read and write
|
||
|
331A6B7000
|
stack
|
page read and write
|
||
|
61F5000
|
unkown
|
page read and write
|
||
|
DE3000
|
unkown
|
page write copy
|
||
|
268D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F5E000
|
stack
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
18E50335000
|
heap
|
page read and write
|
||
|
61DF000
|
unkown
|
page read and write
|
||
|
27A8000
|
heap
|
page read and write
|
||
|
1E5000
|
unkown
|
page readonly
|
||
|
47D9000
|
trusted library allocation
|
page read and write
|
||
|
3441000
|
heap
|
page read and write
|
||
|
18E532D0000
|
trusted library allocation
|
page read and write
|
||
|
18E547EA000
|
trusted library allocation
|
page read and write
|
||
|
6BC6E000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
55B0000
|
unkown
|
page read and write
|
||
|
2FBF000
|
stack
|
page read and write
|
||
|
864000
|
unkown
|
page readonly
|
||
|
18E53AFC000
|
trusted library allocation
|
page read and write
|
||
|
344F000
|
heap
|
page read and write
|
||
|
441E000
|
stack
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E524C0000
|
heap
|
page execute and read and write
|
||
|
61FD000
|
unkown
|
page read and write
|
||
|
6236000
|
unkown
|
page read and write
|
||
|
2C76000
|
heap
|
page read and write
|
||
|
61D4000
|
unkown
|
page read and write
|
||
|
61D0000
|
unkown
|
page read and write
|
||
|
18E53373000
|
trusted library allocation
|
page read and write
|
||
|
18E52F70000
|
trusted library allocation
|
page read and write
|
||
|
18E54A98000
|
trusted library allocation
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
6BD29000
|
unkown
|
page readonly
|
||
|
4DB8000
|
heap
|
page read and write
|
||
|
66B000
|
stack
|
page read and write
|
||
|
3428000
|
heap
|
page read and write
|
||
|
3CBE000
|
trusted library allocation
|
page read and write
|
||
|
5379000
|
direct allocation
|
page read and write
|
||
|
3437000
|
heap
|
page read and write
|
||
|
3423000
|
heap
|
page read and write
|
||
|
6BC80000
|
unkown
|
page readonly
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
6BB51000
|
unkown
|
page execute read
|
||
|
6205000
|
unkown
|
page read and write
|
||
|
2E35000
|
heap
|
page read and write
|
||
|
61CD000
|
unkown
|
page read and write
|
||
|
55B1000
|
unkown
|
page read and write
|
||
|
18E534C6000
|
trusted library allocation
|
page read and write
|
||
|
331A83E000
|
stack
|
page read and write
|
||
|
18E537DF000
|
trusted library allocation
|
page read and write
|
||
|
621E000
|
unkown
|
page read and write
|
||
|
26A0000
|
trusted library allocation
|
page read and write
|
||
|
61B1000
|
unkown
|
page read and write
|
||
|
18E5496F000
|
trusted library allocation
|
page read and write
|
||
|
49AA000
|
trusted library allocation
|
page read and write
|
||
|
4681000
|
trusted library allocation
|
page read and write
|
||
|
343C000
|
heap
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
18E5305D000
|
trusted library allocation
|
page read and write
|
||
|
61A4000
|
unkown
|
page read and write
|
||
|
18E53BE7000
|
trusted library allocation
|
page read and write
|
||
|
7E1000
|
unkown
|
page execute read
|
||
|
30D9000
|
unkown
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
18E63941000
|
trusted library allocation
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
6F2E000
|
stack
|
page read and write
|
||
|
864000
|
unkown
|
page readonly
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
18E53AC8000
|
trusted library allocation
|
page read and write
|
||
|
3428000
|
heap
|
page read and write
|
||
|
342D000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
43DC000
|
stack
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
43E0000
|
unkown
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
6C782000
|
unkown
|
page readonly
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
6F80000
|
trusted library allocation
|
page read and write
|
||
|
6EFD0000
|
unkown
|
page readonly
|
||
|
6D62000
|
heap
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
3185000
|
heap
|
page read and write
|
||
|
61EF000
|
unkown
|
page read and write
|
||
|
3957000
|
heap
|
page read and write
|
||
|
18E50340000
|
heap
|
page read and write
|
||
|
3425000
|
heap
|
page read and write
|
||
|
331A47E000
|
stack
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
331AA3B000
|
stack
|
page read and write
|
||
|
4811000
|
unkown
|
page read and write
|
||
|
3448000
|
heap
|
page read and write
|
||
|
61CB000
|
unkown
|
page read and write
|
||
|
18E53B44000
|
trusted library allocation
|
page read and write
|
||
|
33CA000
|
heap
|
page read and write
|
||
|
3444000
|
heap
|
page read and write
|
||
|
FBD000
|
stack
|
page read and write
|
||
|
61B3000
|
unkown
|
page read and write
|
||
|
3F4000
|
unkown
|
page write copy
|
||
|
6FA0000
|
trusted library allocation
|
page read and write
|
||
|
3431000
|
heap
|
page read and write
|
||
|
6C782000
|
unkown
|
page readonly
|
||
|
621E000
|
unkown
|
page read and write
|
||
|
18E503A3000
|
heap
|
page read and write
|
||
|
3F1000
|
unkown
|
page readonly
|
||
|
6B6F000
|
stack
|
page read and write
|
||
|
18E52F72000
|
trusted library allocation
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E5344C000
|
trusted library allocation
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
61BC000
|
unkown
|
page read and write
|
||
|
61F7000
|
unkown
|
page read and write
|
||
|
18E54977000
|
trusted library allocation
|
page read and write
|
||
|
402D000
|
trusted library allocation
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
343C000
|
heap
|
page read and write
|
||
|
6F030000
|
unkown
|
page readonly
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
18E53286000
|
trusted library allocation
|
page read and write
|
||
|
42D0000
|
unkown
|
page read and write
|
||
|
18E53CF2000
|
trusted library allocation
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
42E6000
|
unkown
|
page read and write
|
||
|
2680000
|
heap
|
page read and write
|
||
|
6F0E0000
|
unkown
|
page readonly
|
||
|
3EDB000
|
unkown
|
page read and write
|
||
|
3438000
|
heap
|
page read and write
|
||
|
6F0DF000
|
unkown
|
page read and write
|
||
|
138A000
|
heap
|
page read and write
|
||
|
6E50000
|
trusted library allocation
|
page read and write
|
||
|
6F031000
|
unkown
|
page execute read
|
||
|
66BB000
|
stack
|
page read and write
|
||
|
18E5395E000
|
trusted library allocation
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E5460E000
|
trusted library allocation
|
page read and write
|
||
|
18E53254000
|
trusted library allocation
|
page read and write
|
||
|
458E000
|
stack
|
page read and write
|
||
|
3437000
|
heap
|
page read and write
|
||
|
3319FCE000
|
stack
|
page read and write
|
||
|
18E53AF9000
|
trusted library allocation
|
page read and write
|
||
|
2F75000
|
heap
|
page read and write
|
||
|
61F5000
|
unkown
|
page read and write
|
||
|
61D7000
|
unkown
|
page read and write
|
||
|
61B1000
|
unkown
|
page read and write
|
||
|
18E53FD7000
|
trusted library allocation
|
page read and write
|
||
|
488A000
|
trusted library allocation
|
page read and write
|
||
|
18E53F7A000
|
trusted library allocation
|
page read and write
|
||
|
61E4000
|
unkown
|
page read and write
|
||
|
6C53F000
|
unkown
|
page write copy
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
66FE000
|
stack
|
page read and write
|
||
|
18E5350B000
|
trusted library allocation
|
page read and write
|
||
|
3448000
|
heap
|
page read and write
|
||
|
18E51DE0000
|
trusted library allocation
|
page read and write
|
||
|
18E53047000
|
trusted library allocation
|
page read and write
|
||
|
6388000
|
unkown
|
page read and write
|
||
|
18E52EF7000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
3438000
|
heap
|
page read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
18E53121000
|
trusted library allocation
|
page read and write
|
||
|
18E546AE000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
344B000
|
heap
|
page read and write
|
||
|
61B7000
|
unkown
|
page read and write
|
||
|
621B000
|
unkown
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
331A37E000
|
stack
|
page read and write
|
||
|
63B7000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61FF000
|
unkown
|
page read and write
|
||
|
18E51D80000
|
heap
|
page read and write
|
||
|
6218000
|
unkown
|
page read and write
|
||
|
6F0CA000
|
unkown
|
page read and write
|
||
|
287C000
|
heap
|
page read and write
|
||
|
61B7000
|
unkown
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
1D4000
|
unkown
|
page write copy
|
||
|
1240000
|
heap
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
3438000
|
heap
|
page read and write
|
||
|
18E51E50000
|
trusted library allocation
|
page read and write
|
||
|
4910000
|
unkown
|
page read and write
|
||
|
18E53E13000
|
trusted library allocation
|
page read and write
|
||
|
68F0000
|
heap
|
page read and write
|
||
|
4579000
|
direct allocation
|
page read and write
|
||
|
18E50370000
|
heap
|
page read and write
|
||
|
16F1000
|
heap
|
page read and write
|
||
|
6BC11000
|
unkown
|
page execute read
|
||
|
61A9000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61D4000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
45EE000
|
direct allocation
|
page read and write
|
||
|
434E000
|
trusted library allocation
|
page read and write
|
||
|
18E52CAA000
|
trusted library allocation
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
6C53F000
|
unkown
|
page write copy
|
||
|
6F0E0000
|
unkown
|
page readonly
|
||
|
61D4000
|
unkown
|
page read and write
|
||
|
61B2000
|
unkown
|
page read and write
|
||
|
61FE000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
18E52F2B000
|
trusted library allocation
|
page read and write
|
||
|
18E536D5000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
61F5000
|
unkown
|
page read and write
|
||
|
3FC9000
|
trusted library allocation
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61A2000
|
unkown
|
page read and write
|
||
|
3424000
|
heap
|
page read and write
|
||
|
61A9000
|
unkown
|
page read and write
|
||
|
18E538FF000
|
trusted library allocation
|
page read and write
|
||
|
6BC11000
|
unkown
|
page execute read
|
||
|
2780000
|
heap
|
page readonly
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
61BF000
|
unkown
|
page read and write
|
||
|
6237000
|
unkown
|
page read and write
|
||
|
18E53568000
|
trusted library allocation
|
page read and write
|
||
|
4D3F000
|
unkown
|
page read and write
|
||
|
864000
|
unkown
|
page readonly
|
||
|
18E53901000
|
trusted library allocation
|
page read and write
|
||
|
18E624FA000
|
trusted library allocation
|
page read and write
|
||
|
18E5347F000
|
trusted library allocation
|
page read and write
|
||
|
61BA000
|
unkown
|
page read and write
|
||
|
18E53EB7000
|
trusted library allocation
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
6C548000
|
unkown
|
page read and write
|
||
|
61BF000
|
unkown
|
page read and write
|
||
|
18E5368D000
|
trusted library allocation
|
page read and write
|
||
|
18E52E53000
|
trusted library allocation
|
page read and write
|
||
|
61A9000
|
unkown
|
page read and write
|
||
|
61EF000
|
unkown
|
page read and write
|
||
|
18E53435000
|
trusted library allocation
|
page read and write
|
||
|
18E62501000
|
trusted library allocation
|
page read and write
|
||
|
18E54624000
|
trusted library allocation
|
page read and write
|
||
|
18E50479000
|
heap
|
page read and write
|
||
|
61B2000
|
unkown
|
page read and write
|
||
|
61CD000
|
unkown
|
page read and write
|
||
|
18E53DC9000
|
trusted library allocation
|
page read and write
|
||
|
61FD000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
454E000
|
stack
|
page read and write
|
||
|
6C32E000
|
unkown
|
page readonly
|
||
|
2EFC000
|
stack
|
page read and write
|
||
|
673F000
|
stack
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
6BB50000
|
unkown
|
page readonly
|
||
|
3438000
|
heap
|
page read and write
|
||
|
18E5394A000
|
trusted library allocation
|
page read and write
|
||
|
6F70000
|
trusted library allocation
|
page read and write
|
||
|
61AB000
|
unkown
|
page read and write
|
||
|
61B5000
|
unkown
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
1EE000
|
stack
|
page read and write
|
||
|
3FE2000
|
heap
|
page read and write
|
||
|
3411000
|
heap
|
page read and write
|
||
|
16F1000
|
heap
|
page read and write
|
||
|
18E539A6000
|
trusted library allocation
|
page read and write
|
||
|
6D95000
|
heap
|
page read and write
|
||
|
61D8000
|
unkown
|
page read and write
|
||
|
6C5D0000
|
unkown
|
page readonly
|
||
|
18E535E9000
|
trusted library allocation
|
page read and write
|
||
|
61A9000
|
unkown
|
page read and write
|
||
|
18E53CBE000
|
trusted library allocation
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
61CC000
|
unkown
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
18E62F41000
|
trusted library allocation
|
page read and write
|
||
|
6233000
|
unkown
|
page read and write
|
||
|
18E52FFF000
|
trusted library allocation
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
61B7000
|
unkown
|
page read and write
|
||
|
39B5000
|
heap
|
page read and write
|
||
|
18E54554000
|
trusted library allocation
|
page read and write
|
||
|
6D76000
|
heap
|
page read and write
|
||
|
4388000
|
trusted library allocation
|
page read and write
|
||
|
277F000
|
stack
|
page read and write
|
||
|
5D00000
|
remote allocation
|
page read and write
|
||
|
18E5047F000
|
heap
|
page read and write
|
||
|
18E52558000
|
trusted library allocation
|
page read and write
|
||
|
6BC80000
|
unkown
|
page readonly
|
||
|
18E52CA8000
|
trusted library allocation
|
page read and write
|
||
|
18E53870000
|
trusted library allocation
|
page read and write
|
||
|
61A9000
|
unkown
|
page read and write
|
||
|
7A00000
|
heap
|
page read and write
|
||
|
3EDE000
|
unkown
|
page read and write
|
||
|
6D8C000
|
heap
|
page read and write
|
||
|
409E000
|
trusted library allocation
|
page read and write
|
||
|
3B20000
|
trusted library allocation
|
page read and write
|
||
|
6F90000
|
trusted library allocation
|
page read and write
|
||
|
18E53D06000
|
trusted library allocation
|
page read and write
|
||
|
2FCB000
|
stack
|
page read and write
|
||
|
2694000
|
heap
|
page read and write
|
||
|
6C32E000
|
unkown
|
page readonly
|
||
|
6EAE000
|
stack
|
page read and write
|
||
|
18E523C2000
|
heap
|
page read and write
|
||
|
18E502F0000
|
heap
|
page read and write
|
||
|
60A0000
|
unkown
|
page read and write
|
||
|
2684000
|
trusted library allocation
|
page read and write
|
||
|
18E52DC4000
|
trusted library allocation
|
page read and write
|
||
|
18E5332C000
|
trusted library allocation
|
page read and write
|
||
|
61AD000
|
unkown
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
32F6000
|
heap
|
page read and write
|
||
|
61B5000
|
unkown
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
6F6D000
|
stack
|
page read and write
|
||
|
61A9000
|
unkown
|
page read and write
|
||
|
334F000
|
stack
|
page read and write
|
||
|
61E6000
|
unkown
|
page read and write
|
||
|
18E62541000
|
trusted library allocation
|
page read and write
|
||
|
333E000
|
unkown
|
page read and write
|
||
|
6D22000
|
heap
|
page read and write
|
||
|
3006000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E5362F000
|
trusted library allocation
|
page read and write
|
||
|
6BC80000
|
unkown
|
page readonly
|
||
|
18E53FC3000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
4810000
|
unkown
|
page read and write
|
||
|
3415000
|
heap
|
page read and write
|
||
|
497B000
|
trusted library allocation
|
page read and write
|
||
|
18E53015000
|
trusted library allocation
|
page read and write
|
||
|
DE4000
|
unkown
|
page read and write
|
||
|
13F8000
|
heap
|
page read and write
|
||
|
62A0000
|
unkown
|
page read and write
|
||
|
38ED000
|
heap
|
page read and write
|
||
|
18E52D37000
|
trusted library allocation
|
page read and write
|
||
|
61F6000
|
unkown
|
page read and write
|
||
|
6C837000
|
unkown
|
page write copy
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
18E66B41000
|
trusted library allocation
|
page read and write
|
||
|
18E5382A000
|
trusted library allocation
|
page read and write
|
||
|
61F5000
|
unkown
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
3441000
|
heap
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
18E549F5000
|
trusted library allocation
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
3A24000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
4E72000
|
heap
|
page read and write
|
||
|
4911000
|
unkown
|
page read and write
|
||
|
46E3000
|
trusted library allocation
|
page read and write
|
||
|
61CF000
|
unkown
|
page read and write
|
||
|
6BB50000
|
unkown
|
page readonly
|
||
|
6F023000
|
unkown
|
page readonly
|
||
|
18E5320D000
|
trusted library allocation
|
page read and write
|
||
|
18E52380000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
6C54C000
|
unkown
|
page readonly
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
18E54A09000
|
trusted library allocation
|
page read and write
|
||
|
4DE7000
|
heap
|
page read and write
|
||
|
18E53E5B000
|
trusted library allocation
|
page read and write
|
||
|
DE8000
|
unkown
|
page readonly
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
6C83B000
|
unkown
|
page readonly
|
||
|
18E52D39000
|
trusted library allocation
|
page read and write
|
||
|
18E51DD0000
|
heap
|
page readonly
|
||
|
2FCD000
|
heap
|
page read and write
|
||
|
6DC0000
|
unkown
|
page read and write
|
||
|
18E531F7000
|
trusted library allocation
|
page read and write
|
||
|
18E53135000
|
trusted library allocation
|
page read and write
|
||
|
DE8000
|
unkown
|
page readonly
|
||
|
6BD6E000
|
unkown
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
18E54A3B000
|
trusted library allocation
|
page read and write
|
||
|
61AD000
|
unkown
|
page read and write
|
||
|
53EE000
|
direct allocation
|
page read and write
|
||
|
5D00000
|
remote allocation
|
page read and write
|
||
|
61C6000
|
unkown
|
page read and write
|
||
|
12F8000
|
heap
|
page read and write
|
||
|
18E52D94000
|
trusted library allocation
|
page read and write
|
||
|
61B4000
|
unkown
|
page read and write
|
||
|
61FC000
|
unkown
|
page read and write
|
||
|
61A6000
|
unkown
|
page read and write
|
||
|
4DDF000
|
unkown
|
page read and write
|
||
|
61A2000
|
unkown
|
page read and write
|
||
|
4105000
|
heap
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
4C95000
|
heap
|
page read and write
|
||
|
61C5000
|
unkown
|
page read and write
|
||
|
18E5246C000
|
heap
|
page read and write
|
||
|
685B000
|
stack
|
page read and write
|
||
|
6F0DF000
|
unkown
|
page read and write
|
||
|
61D6000
|
unkown
|
page read and write
|
||
|
2826000
|
heap
|
page read and write
|
||
|
18E53D97000
|
trusted library allocation
|
page read and write
|
||
|
403E000
|
trusted library allocation
|
page read and write
|
There are 1211 hidden memdumps, click here to show them.