Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.PUA.RiskWare.Frp.3859.2083.exe
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
initial sample
|
||
|
\Device\Mup\user-PC\PIPE\samr
|
GLS_BINARY_LSB_FIRST
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.PUA.RiskWare.Frp.3859.2083.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.PUA.RiskWare.Frp.3859.2083.exe"
|
 |
|
|
C:\Users\user\Desktop\SecuriteInfo.com.PUA.RiskWare.Frp.3859.2083.exe
|
C:\Users\user\Desktop\SecuriteInfo.com.PUA.RiskWare.Frp.3859.2083.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /K
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dashboard.ngrok.com/tunnels/ssh-keysa
|
unknown
|
||
|
https://ngrok.com/tos
|
unknown
|
||
|
https://ngrok.com/docs/ngrok-link#service-api-content-typeOnly
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionunable
|
unknown
|
||
|
https://dns.google.com/resolve?https://update.equinox.io/checkillegal
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptiontls:
|
unknown
|
||
|
https://github.com/spf13/cobra/issues/1508
|
unknown
|
||
|
https://ngrok.com/docs/errors/err_ngrok_8012
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionThis
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptiona
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionEmpty
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionAn
|
unknown
|
||
|
https://dashboard.ngrok.com/security/ip-restrictionsThe
|
unknown
|
||
|
https://dashboard.ngrok.com/get-started/your-authtokenduplicate
|
unknown
|
||
|
https://status.ngrok.com/
|
unknown
|
||
|
https://ngrok.com/docs/ngrok-link#tls-certificates-key)Private
|
unknown
|
||
|
https://ngrok.com/docs/cloud-edge#compatible-clientsYour
|
unknown
|
||
|
https://ngrok.com/docs/api#authentication)ngrok
|
unknown
|
||
|
https://ngrok.com/docs/api#tls-certificates-pem)Certificate
|
unknown
|
||
|
https://dashboard.ngrok.com/tunnels/ssh-keys
|
unknown
|
||
|
https://dashboard.ngrok.com/api
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionEndpoints
|
unknown
|
||
|
https://dashboard.ngrok.com/get-started/your-authtokenthe
|
unknown
|
||
|
https://dashboard.ngrok.com/get-started/your-authtokenCertificate
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscription-----BEGIN
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscription
|
unknown
|
||
|
https://dashboard.ngrok.com/get-started/your-authtokenUpdates
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionInvalid
|
unknown
|
||
|
https://dashboard.ngrok.com/get-started/your-authtokenStatusNormalClosureStatusGoingAwayStatusProtoc
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionCPU
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionCreates
|
unknown
|
||
|
https://www.ngrok.com
|
unknown
|
||
|
https://dashboard.ngrok.com/api/keys.
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscription0001020304050607080910111213141516171819202122232425
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionID
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionGenerate
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionif
|
unknown
|
||
|
https://dashboard.ngrok.com/get-started/your-authtokenTunnel
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionCreate
|
unknown
|
||
|
https://ngrok.com/docs/a...Abuse
|
unknown
|
||
|
https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys)the
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionHTTP/1.1
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionSSH
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionOnly
|
unknown
|
||
|
https://dashboard.ngrok.com/api/keys)API
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionIf
|
unknown
|
||
|
https://dashboard.ngrok.com/signup
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionA
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionYou
|
unknown
|
||
|
https://dashboard.ngrok.com/billing/subscriptionYour
|
unknown
|
||
|
https://github.com/spf13/cobra/issues/1279
|
unknown
|
||
|
https://api.ngrok.comhttps://ngrok.com/tosin
|
unknown
|
There are 42 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
C00043A000
|
direct allocation
|
page read and write
|
||
|
1DBE913D000
|
direct allocation
|
page read and write
|
||
|
C0001B0000
|
direct allocation
|
page read and write
|
||
|
C000480000
|
direct allocation
|
page read and write
|
||
|
C000016000
|
direct allocation
|
page read and write
|
||
|
C000148000
|
direct allocation
|
page read and write
|
||
|
C00040C000
|
direct allocation
|
page read and write
|
||
|
C000120000
|
direct allocation
|
page read and write
|
||
|
C000094000
|
direct allocation
|
page read and write
|
||
|
C00008A000
|
direct allocation
|
page read and write
|
||
|
C0000CA000
|
direct allocation
|
page read and write
|
||
|
C000200000
|
direct allocation
|
page read and write
|
||
|
C00029C000
|
direct allocation
|
page read and write
|
||
|
C0003FA000
|
direct allocation
|
page read and write
|
||
|
C00021A000
|
direct allocation
|
page read and write
|
||
|
C000164000
|
direct allocation
|
page read and write
|
||
|
1DBE9170000
|
direct allocation
|
page read and write
|
||
|
C00016E000
|
direct allocation
|
page read and write
|
||
|
1DBEACE0000
|
direct allocation
|
page read and write
|
||
|
C000224000
|
direct allocation
|
page read and write
|
||
|
C00031C000
|
direct allocation
|
page read and write
|
||
|
198E9E30000
|
direct allocation
|
page read and write
|
||
|
1540000
|
unkown
|
page readonly
|
||
|
C0002D6000
|
direct allocation
|
page read and write
|
||
|
C000228000
|
direct allocation
|
page read and write
|
||
|
C0001D4000
|
direct allocation
|
page read and write
|
||
|
C0000EA000
|
direct allocation
|
page read and write
|
||
|
C0000E4000
|
direct allocation
|
page read and write
|
||
|
C0000E2000
|
direct allocation
|
page read and write
|
||
|
A8F000
|
unkown
|
page readonly
|
||
|
291000
|
unkown
|
page execute read
|
||
|
C000061000
|
direct allocation
|
page read and write
|
||
|
C0002C0000
|
direct allocation
|
page read and write
|
||
|
198C2D80000
|
direct allocation
|
page read and write
|
||
|
C000140000
|
direct allocation
|
page read and write
|
||
|
C000008000
|
direct allocation
|
page read and write
|
||
|
93F9BFE000
|
stack
|
page read and write
|
||
|
C000084000
|
direct allocation
|
page read and write
|
||
|
A8F000
|
unkown
|
page readonly
|
||
|
1479000
|
unkown
|
page write copy
|
||
|
C000098000
|
direct allocation
|
page read and write
|
||
|
198C2D24000
|
direct allocation
|
page read and write
|
||
|
C00044E000
|
direct allocation
|
page read and write
|
||
|
C000294000
|
direct allocation
|
page read and write
|
||
|
C000104000
|
direct allocation
|
page read and write
|
||
|
C000063000
|
direct allocation
|
page read and write
|
||
|
1DBEACA1000
|
direct allocation
|
page read and write
|
||
|
1467000
|
unkown
|
page write copy
|
||
|
198E9E40000
|
trusted library allocation
|
page read and write
|
||
|
C000142000
|
direct allocation
|
page read and write
|
||
|
14BE000
|
unkown
|
page write copy
|
||
|
C0000C4000
|
direct allocation
|
page read and write
|
||
|
C000041000
|
direct allocation
|
page read and write
|
||
|
198C2D00000
|
heap
|
page read and write
|
||
|
C000476000
|
direct allocation
|
page read and write
|
||
|
C0001D4000
|
direct allocation
|
page read and write
|
||
|
291000
|
unkown
|
page execute read
|
||
|
1DBC3B47000
|
heap
|
page read and write
|
||
|
C0004AA000
|
direct allocation
|
page read and write
|
||
|
C0003AC000
|
direct allocation
|
page read and write
|
||
|
C000296000
|
direct allocation
|
page read and write
|
||
|
1DBC3E90000
|
direct allocation
|
page read and write
|
||
|
C000224000
|
direct allocation
|
page read and write
|
||
|
C000204000
|
direct allocation
|
page read and write
|
||
|
C000404000
|
direct allocation
|
page read and write
|
||
|
C0001E0000
|
direct allocation
|
page read and write
|
||
|
1DBC3B10000
|
heap
|
page read and write
|
||
|
147A000
|
unkown
|
page read and write
|
||
|
14C8000
|
unkown
|
page read and write
|
||
|
C0002A2000
|
direct allocation
|
page read and write
|
||
|
C000124000
|
direct allocation
|
page read and write
|
||
|
1500000
|
unkown
|
page read and write
|
||
|
C000212000
|
direct allocation
|
page read and write
|
||
|
C00011C000
|
direct allocation
|
page read and write
|
||
|
1DBE9168000
|
direct allocation
|
page read and write
|
||
|
C0003FC000
|
direct allocation
|
page read and write
|
||
|
291000
|
unkown
|
page execute read
|
||
|
C0000A6000
|
direct allocation
|
page read and write
|
||
|
C00046A000
|
direct allocation
|
page read and write
|
||
|
C0000F2000
|
direct allocation
|
page read and write
|
||
|
C0002D8000
|
direct allocation
|
page read and write
|
||
|
65303FD000
|
stack
|
page read and write
|
||
|
C0002B6000
|
direct allocation
|
page read and write
|
||
|
C000252000
|
direct allocation
|
page read and write
|
||
|
C0002AA000
|
direct allocation
|
page read and write
|
||
|
1467000
|
unkown
|
page write copy
|
||
|
C0000A0000
|
direct allocation
|
page read and write
|
||
|
C000126000
|
direct allocation
|
page read and write
|
||
|
C0001FB000
|
direct allocation
|
page read and write
|
||
|
C000286000
|
direct allocation
|
page read and write
|
||
|
C0002C6000
|
direct allocation
|
page read and write
|
||
|
C000226000
|
direct allocation
|
page read and write
|
||
|
1540000
|
unkown
|
page readonly
|
||
|
C000194000
|
direct allocation
|
page read and write
|
||
|
C0001DE000
|
direct allocation
|
page read and write
|
||
|
C000400000
|
direct allocation
|
page read and write
|
||
|
C000176000
|
direct allocation
|
page read and write
|
||
|
C000142000
|
direct allocation
|
page read and write
|
||
|
C000138000
|
direct allocation
|
page read and write
|
||
|
C000284000
|
direct allocation
|
page read and write
|
||
|
A8F000
|
unkown
|
page readonly
|
||
|
1468000
|
unkown
|
page read and write
|
||
|
198C2FDF000
|
direct allocation
|
page read and write
|
||
|
1DBEAD00000
|
direct allocation
|
page read and write
|
||
|
1467000
|
unkown
|
page write copy
|
||
|
C00005D000
|
direct allocation
|
page read and write
|
||
|
14C0000
|
unkown
|
page write copy
|
||
|
C00005F000
|
direct allocation
|
page read and write
|
||
|
C000466000
|
direct allocation
|
page read and write
|
||
|
198E9E40000
|
trusted library allocation
|
page read and write
|
||
|
C0002B0000
|
direct allocation
|
page read and write
|
||
|
153F000
|
unkown
|
page write copy
|
||
|
C00005D000
|
direct allocation
|
page read and write
|
||
|
C0000F6000
|
direct allocation
|
page read and write
|
||
|
14D0000
|
unkown
|
page read and write
|
||
|
198C3001000
|
direct allocation
|
page read and write
|
||
|
C000148000
|
direct allocation
|
page read and write
|
||
|
C000212000
|
direct allocation
|
page read and write
|
||
|
65307FE000
|
stack
|
page read and write
|
||
|
C00026C000
|
direct allocation
|
page read and write
|
||
|
C000444000
|
direct allocation
|
page read and write
|
||
|
C000198000
|
direct allocation
|
page read and write
|
||
|
14CC000
|
unkown
|
page read and write
|
||
|
C00007D000
|
direct allocation
|
page read and write
|
||
|
C0000DE000
|
direct allocation
|
page read and write
|
||
|
C00009A000
|
direct allocation
|
page read and write
|
||
|
C0002CC000
|
direct allocation
|
page read and write
|
||
|
198C3070000
|
trusted library allocation
|
page read and write
|
||
|
6530DFF000
|
stack
|
page read and write
|
||
|
C000164000
|
direct allocation
|
page read and write
|
||
|
C000122000
|
direct allocation
|
page read and write
|
||
|
C000476000
|
direct allocation
|
page read and write
|
||
|
C00032D000
|
direct allocation
|
page read and write
|
||
|
C000117000
|
direct allocation
|
page read and write
|
||
|
C0000A2000
|
direct allocation
|
page read and write
|
||
|
C000112000
|
direct allocation
|
page read and write
|
||
|
A8F000
|
unkown
|
page readonly
|
||
|
C000053000
|
direct allocation
|
page read and write
|
||
|
C00039A000
|
direct allocation
|
page read and write
|
||
|
C0003A0000
|
direct allocation
|
page read and write
|
||
|
1DBC3AF0000
|
heap
|
page read and write
|
||
|
153F000
|
unkown
|
page write copy
|
||
|
65301FE000
|
stack
|
page read and write
|
||
|
198C2D98000
|
heap
|
page read and write
|
||
|
C00008A000
|
direct allocation
|
page read and write
|
||
|
C0000C4000
|
direct allocation
|
page read and write
|
||
|
1468000
|
unkown
|
page read and write
|
||
|
152E000
|
unkown
|
page read and write
|
||
|
C0000AC000
|
direct allocation
|
page read and write
|
||
|
198C2C00000
|
heap
|
page read and write
|
||
|
C00021A000
|
direct allocation
|
page read and write
|
||
|
C000100000
|
direct allocation
|
page read and write
|
||
|
C000088000
|
direct allocation
|
page read and write
|
||
|
14CE000
|
unkown
|
page write copy
|
||
|
C0000EA000
|
direct allocation
|
page read and write
|
||
|
C0002A6000
|
direct allocation
|
page read and write
|
||
|
198C3085000
|
heap
|
page read and write
|
||
|
93FA7FE000
|
stack
|
page read and write
|
||
|
C000464000
|
direct allocation
|
page read and write
|
||
|
C000470000
|
direct allocation
|
page read and write
|
||
|
1467000
|
unkown
|
page write copy
|
||
|
C0001C6000
|
direct allocation
|
page read and write
|
||
|
1DBEAD10000
|
trusted library allocation
|
page read and write
|
||
|
14C9000
|
unkown
|
page write copy
|
||
|
C0000FC000
|
direct allocation
|
page read and write
|
||
|
C00029A000
|
direct allocation
|
page read and write
|
||
|
1DBC3B30000
|
heap
|
page read and write
|
||
|
C00041E000
|
direct allocation
|
page read and write
|
||
|
C00007D000
|
direct allocation
|
page read and write
|
||
|
C00020A000
|
direct allocation
|
page read and write
|
||
|
C000112000
|
direct allocation
|
page read and write
|
||
|
C000094000
|
direct allocation
|
page read and write
|
||
|
C000000000
|
direct allocation
|
page read and write
|
||
|
C0003F2000
|
direct allocation
|
page read and write
|
||
|
C0002B8000
|
direct allocation
|
page read and write
|
||
|
C0000A2000
|
direct allocation
|
page read and write
|
||
|
C000320000
|
direct allocation
|
page read and write
|
||
|
C000120000
|
direct allocation
|
page read and write
|
||
|
C000162000
|
direct allocation
|
page read and write
|
||
|
198C2F90000
|
direct allocation
|
page read and write
|
||
|
C000008000
|
direct allocation
|
page read and write
|
||
|
C000028000
|
direct allocation
|
page read and write
|
||
|
C0000F6000
|
direct allocation
|
page read and write
|
||
|
C00018F000
|
direct allocation
|
page read and write
|
||
|
1535000
|
unkown
|
page read and write
|
||
|
93F9FFF000
|
stack
|
page read and write
|
||
|
C00013E000
|
direct allocation
|
page read and write
|
||
|
C000410000
|
direct allocation
|
page read and write
|
||
|
C000068000
|
direct allocation
|
page read and write
|
||
|
1500000
|
unkown
|
page read and write
|
||
|
C000002000
|
direct allocation
|
page read and write
|
||
|
C0003C4000
|
direct allocation
|
page read and write
|
||
|
C00006C000
|
direct allocation
|
page read and write
|
||
|
C000432000
|
direct allocation
|
page read and write
|
||
|
C000162000
|
direct allocation
|
page read and write
|
||
|
14CE000
|
unkown
|
page write copy
|
||
|
C00011E000
|
direct allocation
|
page read and write
|
||
|
652F9F9000
|
stack
|
page read and write
|
||
|
198C2FAC000
|
direct allocation
|
page read and write
|
||
|
C000260000
|
direct allocation
|
page read and write
|
||
|
C0000C6000
|
direct allocation
|
page read and write
|
||
|
C000051000
|
direct allocation
|
page read and write
|
||
|
C0000DC000
|
direct allocation
|
page read and write
|
||
|
C0000AA000
|
direct allocation
|
page read and write
|
||
|
C0002A0000
|
direct allocation
|
page read and write
|
||
|
C000104000
|
direct allocation
|
page read and write
|
||
|
C00029E000
|
direct allocation
|
page read and write
|
||
|
14BB000
|
unkown
|
page read and write
|
||
|
1DBEAD10000
|
trusted library allocation
|
page read and write
|
||
|
C0003CA000
|
direct allocation
|
page read and write
|
||
|
C000004000
|
direct allocation
|
page read and write
|
||
|
C0003EE000
|
direct allocation
|
page read and write
|
||
|
C0003A2000
|
direct allocation
|
page read and write
|
||
|
C00006C000
|
direct allocation
|
page read and write
|
||
|
C000002000
|
direct allocation
|
page read and write
|
||
|
C0004A0000
|
direct allocation
|
page read and write
|
||
|
198E9DD0000
|
direct allocation
|
page read and write
|
||
|
C0002B2000
|
direct allocation
|
page read and write
|
||
|
C000440000
|
direct allocation
|
page read and write
|
||
|
153F000
|
unkown
|
page write copy
|
||
|
198C2FF5000
|
direct allocation
|
page read and write
|
||
|
C0003C8000
|
direct allocation
|
page read and write
|
||
|
93FA1FE000
|
stack
|
page read and write
|
||
|
198C3005000
|
direct allocation
|
page read and write
|
||
|
C00023A000
|
direct allocation
|
page read and write
|
||
|
1DBC3D04000
|
direct allocation
|
page read and write
|
||
|
C000098000
|
direct allocation
|
page read and write
|
||
|
147B000
|
unkown
|
page write copy
|
||
|
C0000D6000
|
direct allocation
|
page read and write
|
||
|
290000
|
unkown
|
page readonly
|
||
|
C0000F0000
|
direct allocation
|
page read and write
|
||
|
C000068000
|
direct allocation
|
page read and write
|
||
|
C0000C8000
|
direct allocation
|
page read and write
|
||
|
C000226000
|
direct allocation
|
page read and write
|
||
|
C0001E0000
|
direct allocation
|
page read and write
|
||
|
C000138000
|
direct allocation
|
page read and write
|
||
|
14C0000
|
unkown
|
page write copy
|
||
|
C00016E000
|
direct allocation
|
page read and write
|
||
|
198E9E10000
|
direct allocation
|
page read and write
|
||
|
C0001B8000
|
direct allocation
|
page read and write
|
||
|
C000436000
|
direct allocation
|
page read and write
|
||
|
291000
|
unkown
|
page execute read
|
||
|
C000380000
|
direct allocation
|
page read and write
|
||
|
C0003D0000
|
direct allocation
|
page read and write
|
||
|
291000
|
unkown
|
page execute read
|
||
|
147A000
|
unkown
|
page read and write
|
||
|
14BF000
|
unkown
|
page read and write
|
||
|
290000
|
unkown
|
page readonly
|
||
|
C000100000
|
direct allocation
|
page read and write
|
||
|
1DBEAD10000
|
trusted library allocation
|
page read and write
|
||
|
C000300000
|
direct allocation
|
page read and write
|
||
|
C000270000
|
direct allocation
|
page read and write
|
||
|
C000086000
|
direct allocation
|
page read and write
|
||
|
C000016000
|
direct allocation
|
page read and write
|
||
|
C000144000
|
direct allocation
|
page read and write
|
||
|
C00005F000
|
direct allocation
|
page read and write
|
||
|
C0001B8000
|
direct allocation
|
page read and write
|
||
|
C00009C000
|
direct allocation
|
page read and write
|
||
|
C0000E6000
|
direct allocation
|
page read and write
|
||
|
14C8000
|
unkown
|
page read and write
|
||
|
C0002AC000
|
direct allocation
|
page read and write
|
||
|
C000316000
|
direct allocation
|
page read and write
|
||
|
C00008C000
|
direct allocation
|
page read and write
|
||
|
1507000
|
unkown
|
page read and write
|
||
|
1DBC3B3C000
|
heap
|
page read and write
|
||
|
C000096000
|
direct allocation
|
page read and write
|
||
|
C000047000
|
direct allocation
|
page read and write
|
||
|
1DBC3D09000
|
direct allocation
|
page read and write
|
||
|
C00041C000
|
direct allocation
|
page read and write
|
||
|
C000228000
|
direct allocation
|
page read and write
|
||
|
198C2FA8000
|
direct allocation
|
page read and write
|
||
|
C0002DA000
|
direct allocation
|
page read and write
|
||
|
C000053000
|
direct allocation
|
page read and write
|
||
|
14C9000
|
unkown
|
page write copy
|
||
|
C0004A6000
|
direct allocation
|
page read and write
|
||
|
198C2F96000
|
direct allocation
|
page read and write
|
||
|
1DBE9163000
|
direct allocation
|
page read and write
|
||
|
C000198000
|
direct allocation
|
page read and write
|
||
|
C000240000
|
direct allocation
|
page read and write
|
||
|
C000056000
|
direct allocation
|
page read and write
|
||
|
C000152000
|
direct allocation
|
page read and write
|
||
|
1DBE9149000
|
direct allocation
|
page read and write
|
||
|
C00045E000
|
direct allocation
|
page read and write
|
||
|
1DBC3EC0000
|
heap
|
page read and write
|
||
|
C000428000
|
direct allocation
|
page read and write
|
||
|
C00042C000
|
direct allocation
|
page read and write
|
||
|
C000424000
|
direct allocation
|
page read and write
|
||
|
C000246000
|
direct allocation
|
page read and write
|
||
|
152E000
|
unkown
|
page read and write
|
||
|
C000496000
|
direct allocation
|
page read and write
|
||
|
C000041000
|
direct allocation
|
page read and write
|
||
|
C0002BE000
|
direct allocation
|
page read and write
|
||
|
1DBEAD10000
|
trusted library allocation
|
page read and write
|
||
|
C000479000
|
direct allocation
|
page read and write
|
||
|
C000038000
|
direct allocation
|
page read and write
|
||
|
C0003E0000
|
direct allocation
|
page read and write
|
||
|
C0000A6000
|
direct allocation
|
page read and write
|
||
|
C000168000
|
direct allocation
|
page read and write
|
||
|
1DBC3AE0000
|
heap
|
page read and write
|
||
|
C00015C000
|
direct allocation
|
page read and write
|
||
|
C000433000
|
direct allocation
|
page read and write
|
||
|
C0003E6000
|
direct allocation
|
page read and write
|
||
|
C000420000
|
direct allocation
|
page read and write
|
||
|
C00019F000
|
direct allocation
|
page read and write
|
||
|
C0000F4000
|
direct allocation
|
page read and write
|
||
|
198C2CE0000
|
heap
|
page read and write
|
||
|
C00017C000
|
direct allocation
|
page read and write
|
||
|
C0002D2000
|
direct allocation
|
page read and write
|
||
|
198C2FDD000
|
direct allocation
|
page read and write
|
||
|
C000152000
|
direct allocation
|
page read and write
|
||
|
C000380000
|
direct allocation
|
page read and write
|
||
|
C0002A8000
|
direct allocation
|
page read and write
|
||
|
C0002AE000
|
direct allocation
|
page read and write
|
||
|
C000230000
|
direct allocation
|
page read and write
|
||
|
C000254000
|
direct allocation
|
page read and write
|
||
|
C0003E4000
|
direct allocation
|
page read and write
|
||
|
C0003CC000
|
direct allocation
|
page read and write
|
||
|
C0000B6000
|
direct allocation
|
page read and write
|
||
|
C000051000
|
direct allocation
|
page read and write
|
||
|
93FA3FD000
|
stack
|
page read and write
|
||
|
C0003B2000
|
direct allocation
|
page read and write
|
||
|
C000210000
|
direct allocation
|
page read and write
|
||
|
C000043000
|
direct allocation
|
page read and write
|
||
|
291000
|
unkown
|
page execute read
|
||
|
C0000FC000
|
direct allocation
|
page read and write
|
||
|
C0003DC000
|
direct allocation
|
page read and write
|
||
|
C00046A000
|
direct allocation
|
page read and write
|
||
|
C00049E000
|
direct allocation
|
page read and write
|
||
|
198C3010000
|
direct allocation
|
page read and write
|
||
|
1DBC3E67000
|
direct allocation
|
page read and write
|
||
|
1540000
|
unkown
|
page readonly
|
||
|
1DBC3D00000
|
direct allocation
|
page read and write
|
||
|
C000448000
|
direct allocation
|
page read and write
|
||
|
C0002B4000
|
direct allocation
|
page read and write
|
||
|
C0003CA000
|
direct allocation
|
page read and write
|
||
|
C0004B4000
|
direct allocation
|
page read and write
|
||
|
C000038000
|
direct allocation
|
page read and write
|
||
|
C0001B0000
|
direct allocation
|
page read and write
|
||
|
C00018F000
|
direct allocation
|
page read and write
|
||
|
C00015C000
|
direct allocation
|
page read and write
|
||
|
C000056000
|
direct allocation
|
page read and write
|
||
|
C0002A4000
|
direct allocation
|
page read and write
|
||
|
C000086000
|
direct allocation
|
page read and write
|
||
|
1479000
|
unkown
|
page write copy
|
||
|
C0001C6000
|
direct allocation
|
page read and write
|
||
|
C0000E4000
|
direct allocation
|
page read and write
|
||
|
1DBC3E60000
|
direct allocation
|
page read and write
|
||
|
C0000EE000
|
direct allocation
|
page read and write
|
||
|
C0000CE000
|
direct allocation
|
page read and write
|
||
|
C0000E8000
|
direct allocation
|
page read and write
|
||
|
C0004BA000
|
direct allocation
|
page read and write
|
||
|
C0003D4000
|
direct allocation
|
page read and write
|
||
|
C0003BA000
|
direct allocation
|
page read and write
|
||
|
C000176000
|
direct allocation
|
page read and write
|
||
|
93FA5FF000
|
stack
|
page read and write
|
||
|
93F9DFF000
|
stack
|
page read and write
|
||
|
14BB000
|
unkown
|
page read and write
|
||
|
6530BFF000
|
stack
|
page read and write
|
||
|
14BE000
|
unkown
|
page write copy
|
||
|
C00026E000
|
direct allocation
|
page read and write
|
||
|
C000000000
|
direct allocation
|
page read and write
|
||
|
C000028000
|
direct allocation
|
page read and write
|
||
|
C000168000
|
direct allocation
|
page read and write
|
||
|
C000446000
|
direct allocation
|
page read and write
|
||
|
C000414000
|
direct allocation
|
page read and write
|
||
|
C00012E000
|
direct allocation
|
page read and write
|
||
|
C00017E000
|
direct allocation
|
page read and write
|
||
|
C0003EA000
|
direct allocation
|
page read and write
|
||
|
C0003EE000
|
direct allocation
|
page read and write
|
||
|
C000088000
|
direct allocation
|
page read and write
|
||
|
C000474000
|
direct allocation
|
page read and write
|
||
|
198C2FD0000
|
direct allocation
|
page read and write
|
||
|
1DBC3E7C000
|
direct allocation
|
page read and write
|
||
|
65305FF000
|
stack
|
page read and write
|
||
|
C00013E000
|
direct allocation
|
page read and write
|
||
|
C00008E000
|
direct allocation
|
page read and write
|
||
|
C000084000
|
direct allocation
|
page read and write
|
||
|
C000061000
|
direct allocation
|
page read and write
|
||
|
C000130000
|
direct allocation
|
page read and write
|
||
|
C00009E000
|
direct allocation
|
page read and write
|
||
|
C0004BC000
|
direct allocation
|
page read and write
|
||
|
198C2FFB000
|
direct allocation
|
page read and write
|
||
|
C000047000
|
direct allocation
|
page read and write
|
||
|
198C2D29000
|
direct allocation
|
page read and write
|
||
|
14D0000
|
unkown
|
page read and write
|
||
|
290000
|
unkown
|
page readonly
|
||
|
1DBC3EC5000
|
heap
|
page read and write
|
||
|
C00020E000
|
direct allocation
|
page read and write
|
||
|
C00019F000
|
direct allocation
|
page read and write
|
||
|
1507000
|
unkown
|
page read and write
|
||
|
C0000BA000
|
direct allocation
|
page read and write
|
||
|
C000036000
|
direct allocation
|
page read and write
|
||
|
C000043000
|
direct allocation
|
page read and write
|
||
|
93F99F9000
|
stack
|
page read and write
|
||
|
198C3070000
|
trusted library allocation
|
page read and write
|
||
|
198C2D20000
|
direct allocation
|
page read and write
|
||
|
153F000
|
unkown
|
page write copy
|
||
|
C000485000
|
direct allocation
|
page read and write
|
||
|
198C2D90000
|
heap
|
page read and write
|
||
|
290000
|
unkown
|
page readonly
|
||
|
C00009C000
|
direct allocation
|
page read and write
|
||
|
1535000
|
unkown
|
page read and write
|
||
|
1540000
|
unkown
|
page readonly
|
||
|
14CC000
|
unkown
|
page read and write
|
||
|
198C3080000
|
heap
|
page read and write
|
||
|
14BF000
|
unkown
|
page read and write
|
||
|
65309FF000
|
stack
|
page read and write
|
||
|
C000440000
|
direct allocation
|
page read and write
|
||
|
C000414000
|
direct allocation
|
page read and write
|
||
|
C000063000
|
direct allocation
|
page read and write
|
||
|
C00045A000
|
direct allocation
|
page read and write
|
||
|
147B000
|
unkown
|
page write copy
|
||
|
1DBC3E72000
|
direct allocation
|
page read and write
|
||
|
C0000B4000
|
direct allocation
|
page read and write
|
||
|
C0001DE000
|
direct allocation
|
page read and write
|
||
|
C000194000
|
direct allocation
|
page read and write
|
||
|
C0000CC000
|
direct allocation
|
page read and write
|
||
|
652FFFF000
|
stack
|
page read and write
|
||
|
C0000B8000
|
direct allocation
|
page read and write
|
||
|
C0003E0000
|
direct allocation
|
page read and write
|
There are 410 hidden memdumps, click here to show them.