Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Fnvtdhenapsfwu.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\Public\Libraries\Fnvtdhen.PIF
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Fnvtdhen.url
|
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Fnvtdhen.PIF">), ASCII text, with CRLF line
terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Fnvtdhenapsfwu.exe
|
C:\Users\user\Desktop\Fnvtdhenapsfwu.exe
|
|
|
|
C:\Windows\SysWOW64\SndVol.exe
|
C:\Windows\System32\SndVol.exe
|
|
|
|
C:\Users\Public\Libraries\Fnvtdhen.PIF
|
"C:\Users\Public\Libraries\Fnvtdhen.PIF"
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
C:\Windows\System32\colorcpl.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/FnvtdhenapsDLL
|
unknown
|
|
|
|
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/Fnvtdhenaps
|
81.161.229.9
|
|
|
|
http://wsvdyhrgebwhevawe.ydns.eu/
|
unknown
|
|
|
|
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/Fnvtdhenapsll&=
|
unknown
|
|
|
|
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/Fnvtdhenapsf
|
unknown
|
|
|
|
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/FnvtdhenapsDLLq/
|
unknown
|
|
|
|
tornado.ydns.eu
|
|
||
|
http://geoplugin.net/json.gp
|
unknown
|
||
|
http://://t.exet.exen
|
unknown
|
||
|
http://://t.exet.exe
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
http://www.pmail.com
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
orifak.ydns.eu
|
193.42.32.61
|
|
|
|
wsvdyhrgebwhevawe.ydns.eu
|
81.161.229.9
|
|
|
|
tornado.ydns.eu
|
193.42.32.61
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
81.161.229.9
|
wsvdyhrgebwhevawe.ydns.eu
|
Germany
|
|
|
|
193.42.32.61
|
orifak.ydns.eu
|
Germany
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
|
Fnvtdhen
|
||
|
HKEY_CURRENT_USER\Software\RmEEESSSssss-3AINT8
|
exepath
|
||
|
HKEY_CURRENT_USER\Software\RmEEESSSssss-3AINT8
|
licence
|
||
|
HKEY_CURRENT_USER\Software\RmEEESSSssss-3AINT8
|
time
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f1\52C64B7E
|
@C:\Windows\SysWOW64\colorui.dll,-1400
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\ICM\ProfileAssociations\Print\Fax
|
UsePerUserProfiles
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
direct allocation
|
page execute and read and write
|
|
|
|
7D5000
|
heap
|
page read and write
|
|
|
|
62F0000
|
remote allocation
|
page execute and read and write
|
|
|
|
2AB1000
|
heap
|
page read and write
|
|
|
|
2AB1000
|
heap
|
page read and write
|
|
|
|
2AB1000
|
heap
|
page read and write
|
|
|
|
6190000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
direct allocation
|
page execute and read and write
|
|
|
|
2AD0000
|
heap
|
page read and write
|
|
|
|
281D7402000
|
heap
|
page read and write
|
||
|
EB400FF000
|
stack
|
page read and write
|
||
|
518000
|
unkown
|
page readonly
|
||
|
2830000
|
direct allocation
|
page read and write
|
||
|
233AE8C0000
|
remote allocation
|
page read and write
|
||
|
7F430000
|
direct allocation
|
page read and write
|
||
|
277FA1C0000
|
heap
|
page read and write
|
||
|
18DA0C3D000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
27804F13000
|
heap
|
page read and write
|
||
|
5C1000
|
heap
|
page read and write
|
||
|
D46E67D000
|
stack
|
page read and write
|
||
|
18DA0D02000
|
heap
|
page read and write
|
||
|
7E8D0000
|
direct allocation
|
page read and write
|
||
|
233AE002000
|
heap
|
page read and write
|
||
|
18DA0C63000
|
heap
|
page read and write
|
||
|
4854000
|
heap
|
page read and write
|
||
|
18DA0C32000
|
heap
|
page read and write
|
||
|
EF5F000
|
stack
|
page read and write
|
||
|
2AD2000
|
heap
|
page read and write
|
||
|
277FA3F0000
|
remote allocation
|
page read and write
|
||
|
A6278FE000
|
stack
|
page read and write
|
||
|
1000FE000
|
stack
|
page read and write
|
||
|
202546CF000
|
heap
|
page read and write
|
||
|
9EDD57E000
|
stack
|
page read and write
|
||
|
511000
|
unkown
|
page read and write
|
||
|
456D000
|
stack
|
page read and write
|
||
|
A627EFF000
|
stack
|
page read and write
|
||
|
F18C37E000
|
stack
|
page read and write
|
||
|
5FAF000
|
stack
|
page read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
9EDD87F000
|
stack
|
page read and write
|
||
|
EB7F000
|
direct allocation
|
page read and write
|
||
|
27804E3C000
|
heap
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
4660000
|
heap
|
page read and write
|
||
|
18DA0C74000
|
heap
|
page read and write
|
||
|
1ADC144D000
|
heap
|
page read and write
|
||
|
277FA424000
|
heap
|
page read and write
|
||
|
ECAD000
|
direct allocation
|
page read and write
|
||
|
20254500000
|
heap
|
page read and write
|
||
|
F18C7FF000
|
stack
|
page read and write
|
||
|
277FA44A000
|
heap
|
page read and write
|
||
|
100B0000
|
direct allocation
|
page execute and read and write
|
||
|
2CB0000
|
direct allocation
|
page read and write
|
||
|
816000
|
heap
|
page read and write
|
||
|
5EAF000
|
stack
|
page read and write
|
||
|
202546D1000
|
heap
|
page read and write
|
||
|
EB4087E000
|
stack
|
page read and write
|
||
|
F18C6FF000
|
stack
|
page read and write
|
||
|
20254613000
|
heap
|
page read and write
|
||
|
F08D000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
5AB000
|
heap
|
page read and write
|
||
|
281D7597000
|
heap
|
page read and write
|
||
|
4830000
|
heap
|
page read and write
|
||
|
281D6BC0000
|
trusted library allocation
|
page read and write
|
||
|
1ADC148A000
|
heap
|
page read and write
|
||
|
1006F7000
|
stack
|
page read and write
|
||
|
1007FE000
|
stack
|
page read and write
|
||
|
2AD6000
|
heap
|
page read and write
|
||
|
27804D80000
|
trusted library allocation
|
page read and write
|
||
|
19FDB7E000
|
stack
|
page read and write
|
||
|
452C000
|
stack
|
page read and write
|
||
|
202546C2000
|
heap
|
page read and write
|
||
|
F3D1000
|
heap
|
page read and write
|
||
|
281D7528000
|
heap
|
page read and write
|
||
|
1ADC1320000
|
heap
|
page read and write
|
||
|
2025512C000
|
heap
|
page read and write
|
||
|
ECD8000
|
direct allocation
|
page read and write
|
||
|
9EDD47E000
|
stack
|
page read and write
|
||
|
27804E52000
|
heap
|
page read and write
|
||
|
20254600000
|
heap
|
page read and write
|
||
|
4680000
|
heap
|
page read and write
|
||
|
27CA000
|
direct allocation
|
page read and write
|
||
|
19FD76E000
|
stack
|
page read and write
|
||
|
20254690000
|
heap
|
page read and write
|
||
|
2025463F000
|
heap
|
page read and write
|
||
|
ECA8000
|
direct allocation
|
page read and write
|
||
|
4A0C000
|
stack
|
page read and write
|
||
|
4A4E000
|
stack
|
page read and write
|
||
|
202546AF000
|
heap
|
page read and write
|
||
|
1ADC1451000
|
heap
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
2B9F000
|
stack
|
page read and write
|
||
|
F1F0000
|
remote allocation
|
page read and write
|
||
|
277B000
|
direct allocation
|
page read and write
|
||
|
7F4F0000
|
direct allocation
|
page read and write
|
||
|
20255173000
|
heap
|
page read and write
|
||
|
2A3F000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
ECA1000
|
direct allocation
|
page read and write
|
||
|
277FA370000
|
trusted library allocation
|
page read and write
|
||
|
F5D2000
|
heap
|
page read and write
|
||
|
F6F1000
|
heap
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
168AB280000
|
heap
|
page read and write
|
||
|
18DA0C67000
|
heap
|
page read and write
|
||
|
A6275BB000
|
stack
|
page read and write
|
||
|
50F000
|
unkown
|
page read and write
|
||
|
20254692000
|
heap
|
page read and write
|
||
|
2025465A000
|
heap
|
page read and write
|
||
|
2025469E000
|
heap
|
page read and write
|
||
|
233AE051000
|
heap
|
page read and write
|
||
|
F18C1FA000
|
stack
|
page read and write
|
||
|
18DA0C62000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
27804D50000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
D46E8FE000
|
stack
|
page read and write
|
||
|
18DA0C6D000
|
heap
|
page read and write
|
||
|
281D6C74000
|
heap
|
page read and write
|
||
|
48A000
|
unkown
|
page write copy
|
||
|
277FA45A000
|
heap
|
page read and write
|
||
|
7EED0000
|
direct allocation
|
page read and write
|
||
|
EC9A000
|
direct allocation
|
page read and write
|
||
|
18DA0C7E000
|
heap
|
page read and write
|
||
|
27804E5C000
|
heap
|
page read and write
|
||
|
281D7528000
|
heap
|
page read and write
|
||
|
2AA7000
|
heap
|
page read and write
|
||
|
F18C47C000
|
stack
|
page read and write
|
||
|
7F4A0000
|
direct allocation
|
page read and write
|
||
|
EF3F000
|
stack
|
page read and write
|
||
|
618000
|
heap
|
page read and write
|
||
|
281D7502000
|
heap
|
page read and write
|
||
|
7EE50000
|
direct allocation
|
page read and write
|
||
|
18DA0C46000
|
heap
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
233AE000000
|
heap
|
page read and write
|
||
|
233AE102000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
20255168000
|
heap
|
page read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
EB4007B000
|
stack
|
page read and write
|
||
|
F18C8FF000
|
stack
|
page read and write
|
||
|
2ABA000
|
heap
|
page read and write
|
||
|
20255174000
|
heap
|
page read and write
|
||
|
2025468B000
|
heap
|
page read and write
|
||
|
281D7600000
|
heap
|
page read and write
|
||
|
EE5E000
|
stack
|
page read and write
|
||
|
9EDD6FE000
|
stack
|
page read and write
|
||
|
27804CF0000
|
heap
|
page read and write
|
||
|
1008FF000
|
stack
|
page read and write
|
||
|
281D6C8B000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
281D6C84000
|
heap
|
page read and write
|
||
|
2ABF000
|
heap
|
page read and write
|
||
|
20255128000
|
heap
|
page read and write
|
||
|
2854000
|
direct allocation
|
page read and write
|
||
|
27804F08000
|
heap
|
page read and write
|
||
|
233AE8C0000
|
remote allocation
|
page read and write
|
||
|
EBAF000
|
direct allocation
|
page read and write
|
||
|
F1F0000
|
remote allocation
|
page read and write
|
||
|
27804E29000
|
heap
|
page read and write
|
||
|
7EA60000
|
direct allocation
|
page read and write
|
||
|
20254675000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7B7000
|
heap
|
page read and write
|
||
|
233AE040000
|
heap
|
page read and write
|
||
|
1ADC147F000
|
heap
|
page read and write
|
||
|
281D75DE000
|
heap
|
page read and write
|
||
|
281D75BB000
|
heap
|
page read and write
|
||
|
5F6D000
|
stack
|
page read and write
|
||
|
18DA0C45000
|
heap
|
page read and write
|
||
|
281D764A000
|
heap
|
page read and write
|
||
|
18DA0C00000
|
heap
|
page read and write
|
||
|
2BC9000
|
direct allocation
|
page read and write
|
||
|
EF9D000
|
stack
|
page read and write
|
||
|
7EA50000
|
direct allocation
|
page read and write
|
||
|
1ADC1390000
|
heap
|
page read and write
|
||
|
277FA45A000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
277FBF02000
|
heap
|
page read and write
|
||
|
1ADC1480000
|
heap
|
page read and write
|
||
|
281D7602000
|
heap
|
page read and write
|
||
|
281D6C29000
|
heap
|
page read and write
|
||
|
20254590000
|
trusted library allocation
|
page read and write
|
||
|
233ADF80000
|
heap
|
page read and write
|
||
|
277FA482000
|
heap
|
page read and write
|
||
|
D46E47B000
|
stack
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
D46EAFD000
|
stack
|
page read and write
|
||
|
202546D1000
|
heap
|
page read and write
|
||
|
F760000
|
direct allocation
|
page execute and read and write
|
||
|
2871000
|
direct allocation
|
page read and write
|
||
|
ECA6000
|
direct allocation
|
page read and write
|
||
|
7F560000
|
direct allocation
|
page read and write
|
||
|
168AB488000
|
heap
|
page read and write
|
||
|
2717000
|
stack
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
2025516E000
|
heap
|
page read and write
|
||
|
EC84000
|
direct allocation
|
page read and write
|
||
|
A627BF7000
|
stack
|
page read and write
|
||
|
F6F0000
|
heap
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
27B4000
|
direct allocation
|
page read and write
|
||
|
277FA500000
|
heap
|
page read and write
|
||
|
281D764D000
|
heap
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
59E000
|
heap
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
281D6C13000
|
heap
|
page read and write
|
||
|
EC76000
|
direct allocation
|
page read and write
|
||
|
277FA464000
|
heap
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
27804E00000
|
heap
|
page read and write
|
||
|
2AE9000
|
heap
|
page read and write
|
||
|
168AB400000
|
heap
|
page read and write
|
||
|
607E000
|
stack
|
page read and write
|
||
|
1ADC144A000
|
heap
|
page read and write
|
||
|
F22E000
|
stack
|
page read and write
|
||
|
D46EBFC000
|
stack
|
page read and write
|
||
|
7F2FF000
|
direct allocation
|
page read and write
|
||
|
7E9D0000
|
direct allocation
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
168AB220000
|
heap
|
page read and write
|
||
|
C8E378F000
|
stack
|
page read and write
|
||
|
27804E99000
|
heap
|
page read and write
|
||
|
F1F0000
|
heap
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
277FBE02000
|
heap
|
page read and write
|
||
|
F18C9FF000
|
stack
|
page read and write
|
||
|
C8E3CFD000
|
stack
|
page read and write
|
||
|
EC1C000
|
direct allocation
|
page read and write
|
||
|
7F270000
|
direct allocation
|
page read and write
|
||
|
616000
|
heap
|
page read and write
|
||
|
2CD2000
|
direct allocation
|
page read and write
|
||
|
2AE2000
|
heap
|
page read and write
|
||
|
88D000
|
stack
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
281D7635000
|
heap
|
page read and write
|
||
|
1ADC1400000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
7F330000
|
direct allocation
|
page read and write
|
||
|
F9DD000
|
heap
|
page read and write
|
||
|
168AB44D000
|
heap
|
page read and write
|
||
|
27804E7E000
|
heap
|
page read and write
|
||
|
EB4027A000
|
stack
|
page read and write
|
||
|
4750000
|
trusted library allocation
|
page read and write
|
||
|
7EE50000
|
direct allocation
|
page read and write
|
||
|
281D6AC0000
|
heap
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
EC53000
|
direct allocation
|
page read and write
|
||
|
5E9000
|
heap
|
page read and write
|
||
|
277FA340000
|
trusted library allocation
|
page read and write
|
||
|
4654000
|
heap
|
page read and write
|
||
|
7F430000
|
direct allocation
|
page read and write
|
||
|
F6F4000
|
heap
|
page read and write
|
||
|
F0DE000
|
stack
|
page read and write
|
||
|
168ABC02000
|
trusted library allocation
|
page read and write
|
||
|
D46E7FF000
|
stack
|
page read and write
|
||
|
233AEA02000
|
trusted library allocation
|
page read and write
|
||
|
F7F0000
|
trusted library allocation
|
page read and write
|
||
|
21F0000
|
direct allocation
|
page execute and read and write
|
||
|
20255173000
|
heap
|
page read and write
|
||
|
1ADC143C000
|
heap
|
page read and write
|
||
|
168AB42A000
|
heap
|
page read and write
|
||
|
2AD2000
|
heap
|
page read and write
|
||
|
18DA0C39000
|
heap
|
page read and write
|
||
|
18DA0C56000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
18DA0C50000
|
heap
|
page read and write
|
||
|
7EE2F000
|
direct allocation
|
page read and write
|
||
|
281D754E000
|
heap
|
page read and write
|
||
|
1ADC1502000
|
heap
|
page read and write
|
||
|
614000
|
heap
|
page read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
816000
|
heap
|
page read and write
|
||
|
90D000
|
stack
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
18DA0C4F000
|
heap
|
page read and write
|
||
|
2025516E000
|
heap
|
page read and write
|
||
|
18DA0C47000
|
heap
|
page read and write
|
||
|
19FD7EE000
|
stack
|
page read and write
|
||
|
281D6C8F000
|
heap
|
page read and write
|
||
|
F09D000
|
stack
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
277FA413000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
2A88000
|
heap
|
page read and write
|
||
|
6EC000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
277FA3F0000
|
remote allocation
|
page read and write
|
||
|
284D000
|
direct allocation
|
page read and write
|
||
|
FE43000
|
heap
|
page read and write
|
||
|
ECEC000
|
stack
|
page read and write
|
||
|
20255100000
|
heap
|
page read and write
|
||
|
20255002000
|
heap
|
page read and write
|
||
|
4850000
|
heap
|
page read and write
|
||
|
27AD000
|
direct allocation
|
page read and write
|
||
|
1ADC1429000
|
heap
|
page read and write
|
||
|
F18C5FA000
|
stack
|
page read and write
|
||
|
277FA320000
|
trusted library allocation
|
page read and write
|
||
|
20254713000
|
heap
|
page read and write
|
||
|
7EF6F000
|
direct allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
202546F2000
|
heap
|
page read and write
|
||
|
2CB1000
|
direct allocation
|
page execute read
|
||
|
737000
|
heap
|
page read and write
|
||
|
9EDD7FD000
|
stack
|
page read and write
|
||
|
D46E9FF000
|
stack
|
page read and write
|
||
|
18DA0C42000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
2AC6000
|
heap
|
page read and write
|
||
|
21E3000
|
heap
|
page read and write
|
||
|
47DE000
|
stack
|
page read and write
|
||
|
7E6000
|
heap
|
page read and write
|
||
|
27804E57000
|
heap
|
page read and write
|
||
|
EA9E000
|
stack
|
page read and write
|
||
|
202546B6000
|
heap
|
page read and write
|
||
|
168AB502000
|
heap
|
page read and write
|
||
|
F18C97E000
|
stack
|
page read and write
|
||
|
5BB000
|
heap
|
page read and write
|
||
|
168AB47B000
|
heap
|
page read and write
|
||
|
168AB455000
|
heap
|
page read and write
|
||
|
168AB210000
|
heap
|
page read and write
|
||
|
2AC6000
|
heap
|
page read and write
|
||
|
277FA44A000
|
heap
|
page read and write
|
||
|
281D6C00000
|
heap
|
page read and write
|
||
|
18DA0C77000
|
heap
|
page read and write
|
||
|
C8E3DF7000
|
stack
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
281D6DB9000
|
heap
|
page read and write
|
||
|
2CD9000
|
direct allocation
|
page read and write
|
||
|
281D6DE1000
|
heap
|
page read and write
|
||
|
281D6BE0000
|
trusted library allocation
|
page read and write
|
||
|
19FDD7E000
|
stack
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
EB4047B000
|
stack
|
page read and write
|
||
|
2DE2000
|
direct allocation
|
page read and write
|
||
|
27804E5E000
|
heap
|
page read and write
|
||
|
1ADC1E02000
|
trusted library allocation
|
page read and write
|
||
|
281D6D13000
|
heap
|
page read and write
|
||
|
18DA0C49000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
202546D3000
|
heap
|
page read and write
|
||
|
168AB500000
|
heap
|
page read and write
|
||
|
7ED20000
|
direct allocation
|
page read and write
|
||
|
202545F0000
|
remote allocation
|
page read and write
|
||
|
5E6E000
|
stack
|
page read and write
|
||
|
281D7563000
|
heap
|
page read and write
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
18DA0C65000
|
heap
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
7F460000
|
direct allocation
|
page read and write
|
||
|
EE3E000
|
stack
|
page read and write
|
||
|
281D6D8C000
|
heap
|
page read and write
|
||
|
168AB43C000
|
heap
|
page read and write
|
||
|
281D7654000
|
heap
|
page read and write
|
||
|
18DA0C7B000
|
heap
|
page read and write
|
||
|
ECBC000
|
direct allocation
|
page read and write
|
||
|
EC44000
|
direct allocation
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
F0CE000
|
stack
|
page read and write
|
||
|
5DB000
|
heap
|
page read and write
|
||
|
18DA0C55000
|
heap
|
page read and write
|
||
|
EB40A7F000
|
stack
|
page read and write
|
||
|
19FDE7F000
|
stack
|
page read and write
|
||
|
C8E3AFB000
|
stack
|
page read and write
|
||
|
277FA43D000
|
heap
|
page read and write
|
||
|
EC58000
|
direct allocation
|
page read and write
|
||
|
168AB422000
|
heap
|
page read and write
|
||
|
277FA402000
|
heap
|
page read and write
|
||
|
27804E13000
|
heap
|
page read and write
|
||
|
281D6C3C000
|
heap
|
page read and write
|
||
|
27805802000
|
trusted library allocation
|
page read and write
|
||
|
27D1000
|
direct allocation
|
page read and write
|
||
|
C8E370F000
|
stack
|
page read and write
|
||
|
168AB413000
|
heap
|
page read and write
|
||
|
F5D0000
|
direct allocation
|
page execute and read and write
|
||
|
20254702000
|
heap
|
page read and write
|
||
|
20255113000
|
heap
|
page read and write
|
||
|
F6F2000
|
heap
|
page read and write
|
||
|
A627CFF000
|
stack
|
page read and write
|
||
|
18DA0B50000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
281D7500000
|
heap
|
page read and write
|
||
|
1ADC1402000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
2D48000
|
heap
|
page read and write
|
||
|
1ADC144B000
|
heap
|
page read and write
|
||
|
286A000
|
direct allocation
|
page read and write
|
||
|
6A6000
|
stack
|
page read and write
|
||
|
1ADC1449000
|
heap
|
page read and write
|
||
|
18DA0C4E000
|
heap
|
page read and write
|
||
|
2BDA000
|
direct allocation
|
page read and write
|
||
|
A627AFB000
|
stack
|
page read and write
|
||
|
19FD6EB000
|
stack
|
page read and write
|
||
|
60BF000
|
stack
|
page read and write
|
||
|
478000
|
direct allocation
|
page execute and read and write
|
||
|
5B9000
|
heap
|
page read and write
|
||
|
233AE890000
|
trusted library allocation
|
page read and write
|
||
|
2ACD000
|
heap
|
page read and write
|
||
|
D46EDFC000
|
stack
|
page read and write
|
||
|
617E000
|
stack
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
5A1000
|
heap
|
page read and write
|
||
|
1ADC13C0000
|
trusted library allocation
|
page read and write
|
||
|
281D6C86000
|
heap
|
page read and write
|
||
|
18DA0C60000
|
heap
|
page read and write
|
||
|
277FA400000
|
heap
|
page read and write
|
||
|
168AB380000
|
trusted library allocation
|
page read and write
|
||
|
ED1C000
|
stack
|
page read and write
|
||
|
EC7D000
|
direct allocation
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
20254560000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
2863000
|
direct allocation
|
page read and write
|
||
|
28FE000
|
stack
|
page read and write
|
||
|
F6F6000
|
heap
|
page read and write
|
||
|
2AB7000
|
heap
|
page read and write
|
||
|
5C2000
|
heap
|
page read and write
|
||
|
F5D0000
|
trusted library allocation
|
page read and write
|
||
|
F1FE000
|
heap
|
page read and write
|
||
|
20255126000
|
heap
|
page read and write
|
||
|
281D6C62000
|
heap
|
page read and write
|
||
|
202545F0000
|
remote allocation
|
page read and write
|
||
|
233AE013000
|
heap
|
page read and write
|
||
|
2B5F000
|
stack
|
page read and write
|
||
|
ECD1000
|
direct allocation
|
page read and write
|
||
|
7EEC9000
|
direct allocation
|
page read and write
|
||
|
281D7613000
|
heap
|
page read and write
|
||
|
27804F00000
|
heap
|
page read and write
|
||
|
20255102000
|
heap
|
page read and write
|
||
|
2878000
|
direct allocation
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
57A000
|
heap
|
page read and write
|
||
|
277FA459000
|
heap
|
page read and write
|
||
|
18DA0C6A000
|
heap
|
page read and write
|
||
|
168AB513000
|
heap
|
page read and write
|
||
|
557000
|
heap
|
page read and write
|
||
|
602000
|
heap
|
page read and write
|
||
|
812000
|
heap
|
page read and write
|
||
|
1ADC1513000
|
heap
|
page read and write
|
||
|
F4CE000
|
stack
|
page read and write
|
||
|
18DA0C30000
|
heap
|
page read and write
|
||
|
277FA449000
|
heap
|
page read and write
|
||
|
2ABD000
|
heap
|
page read and write
|
||
|
F1DD000
|
stack
|
page read and write
|
||
|
281D6C51000
|
heap
|
page read and write
|
||
|
602F000
|
stack
|
page read and write
|
||
|
F7E2000
|
heap
|
page read and write
|
||
|
2ABF000
|
heap
|
page read and write
|
||
|
27E6000
|
direct allocation
|
page read and write
|
||
|
281D757C000
|
heap
|
page read and write
|
||
|
2BA1000
|
direct allocation
|
page execute read
|
||
|
202546D3000
|
heap
|
page read and write
|
||
|
EB4097E000
|
stack
|
page read and write
|
||
|
50F000
|
unkown
|
page read and write
|
||
|
1ADC1500000
|
heap
|
page read and write
|
||
|
168AB452000
|
heap
|
page read and write
|
||
|
C8E3FFF000
|
stack
|
page read and write
|
||
|
233AE029000
|
heap
|
page read and write
|
||
|
2D2F000
|
stack
|
page read and write
|
||
|
202544F0000
|
heap
|
page read and write
|
||
|
20254702000
|
heap
|
page read and write
|
||
|
1ADC144F000
|
heap
|
page read and write
|
||
|
F32E000
|
stack
|
page read and write
|
||
|
9EDD0EC000
|
stack
|
page read and write
|
||
|
7F430000
|
direct allocation
|
page read and write
|
||
|
281D6A50000
|
heap
|
page read and write
|
||
|
EC8C000
|
direct allocation
|
page read and write
|
||
|
F1F9000
|
heap
|
page read and write
|
||
|
58A000
|
heap
|
page read and write
|
||
|
18DA0AF0000
|
heap
|
page read and write
|
||
|
F6D0000
|
direct allocation
|
page execute and read and write
|
||
|
7FD70000
|
direct allocation
|
page read and write
|
||
|
EB4077F000
|
stack
|
page read and write
|
||
|
281D6C92000
|
heap
|
page read and write
|
||
|
2AA7000
|
heap
|
page read and write
|
||
|
277FA3F0000
|
remote allocation
|
page read and write
|
||
|
202546D1000
|
heap
|
page read and write
|
||
|
5E2B000
|
stack
|
page read and write
|
||
|
7EAC0000
|
direct allocation
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
20254702000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
20254629000
|
heap
|
page read and write
|
||
|
20255162000
|
heap
|
page read and write
|
||
|
27804E5D000
|
heap
|
page read and write
|
||
|
277FA518000
|
heap
|
page read and write
|
||
|
FBDB000
|
heap
|
page read and write
|
||
|
20254683000
|
heap
|
page read and write
|
||
|
233ADF90000
|
heap
|
page read and write
|
||
|
F1CD000
|
stack
|
page read and write
|
||
|
9EDDA7D000
|
stack
|
page read and write
|
||
|
F5D4000
|
heap
|
page read and write
|
||
|
1ADC1330000
|
heap
|
page read and write
|
||
|
168AB508000
|
heap
|
page read and write
|
||
|
202546F2000
|
heap
|
page read and write
|
||
|
EC6C000
|
direct allocation
|
page read and write
|
||
|
513000
|
unkown
|
page write copy
|
||
|
EB4067D000
|
stack
|
page read and write
|
||
|
233AE8C0000
|
remote allocation
|
page read and write
|
||
|
202546D3000
|
heap
|
page read and write
|
||
|
277FA513000
|
heap
|
page read and write
|
||
|
7EDC0000
|
direct allocation
|
page read and write
|
||
|
EF8D000
|
stack
|
page read and write
|
||
|
1004FB000
|
stack
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
281D6C51000
|
heap
|
page read and write
|
||
|
EB4057E000
|
stack
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
EC93000
|
direct allocation
|
page read and write
|
||
|
7EF00000
|
direct allocation
|
page read and write
|
||
|
72E000
|
stack
|
page read and write
|
||
|
281D6A60000
|
heap
|
page read and write
|
||
|
2325000
|
heap
|
page read and write
|
||
|
18DA0C7A000
|
heap
|
page read and write
|
||
|
5FEE000
|
stack
|
page read and write
|
||
|
2AAB000
|
heap
|
page read and write
|
||
|
A627DFD000
|
stack
|
page read and write
|
||
|
5E9000
|
heap
|
page read and write
|
||
|
5F4000
|
heap
|
page read and write
|
||
|
275B000
|
stack
|
page read and write
|
||
|
27804F02000
|
heap
|
page read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
555000
|
heap
|
page read and write
|
||
|
18DA0C75000
|
heap
|
page read and write
|
||
|
5D2000
|
heap
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
281D75ED000
|
heap
|
page read and write
|
||
|
9EDD5FE000
|
stack
|
page read and write
|
||
|
7F4CF000
|
direct allocation
|
page read and write
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
7ECC0000
|
direct allocation
|
page read and write
|
||
|
27804E60000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
277FA502000
|
heap
|
page read and write
|
||
|
18DA0C29000
|
heap
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
18DA0C40000
|
heap
|
page read and write
|
||
|
18DA0C4B000
|
heap
|
page read and write
|
||
|
F4D7000
|
heap
|
page read and write
|
||
|
7ED40000
|
direct allocation
|
page read and write
|
||
|
7F4F0000
|
direct allocation
|
page read and write
|
||
|
27D8000
|
direct allocation
|
page read and write
|
||
|
2C9F000
|
stack
|
page read and write
|
||
|
18DA0AE0000
|
heap
|
page read and write
|
||
|
48A000
|
unkown
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
281D6C77000
|
heap
|
page read and write
|
||
|
27804CE0000
|
heap
|
page read and write
|
||
|
EE1A000
|
stack
|
page read and write
|
||
|
7FDC0000
|
direct allocation
|
page read and write
|
||
|
20255150000
|
heap
|
page read and write
|
||
|
F39B000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
478000
|
direct allocation
|
page execute and read and write
|
||
|
7FD20000
|
direct allocation
|
page read and write
|
||
|
27BC000
|
direct allocation
|
page read and write
|
||
|
7F620000
|
direct allocation
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
4650000
|
heap
|
page read and write
|
||
|
277FA220000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
202545F0000
|
remote allocation
|
page read and write
|
||
|
281E000
|
stack
|
page read and write
|
||
|
27804E63000
|
heap
|
page read and write
|
||
|
18DA0B80000
|
trusted library allocation
|
page read and write
|
||
|
285C000
|
direct allocation
|
page read and write
|
||
|
277FA1B0000
|
heap
|
page read and write
|
||
|
281D6C67000
|
heap
|
page read and write
|
||
|
49A0000
|
heap
|
page read and write
|
||
|
C8E3EFF000
|
stack
|
page read and write
|
||
|
5FE000
|
heap
|
page read and write
|
||
|
2AD2000
|
heap
|
page read and write
|
||
|
7F430000
|
direct allocation
|
page read and write
|
||
|
C8E3BFB000
|
stack
|
page read and write
|
||
|
233ADFF0000
|
heap
|
page read and write
|
||
|
4650000
|
heap
|
page read and write
|
||
|
2A53000
|
heap
|
page read and write
|
||
|
19FDC7E000
|
stack
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
EB40BFF000
|
stack
|
page read and write
|
||
|
ECCA000
|
direct allocation
|
page read and write
|
||
|
27804E58000
|
heap
|
page read and write
|
||
|
EDEA000
|
stack
|
page read and write
|
||
|
F18C4F9000
|
stack
|
page read and write
|
||
|
7E950000
|
direct allocation
|
page read and write
|
||
|
18DA1602000
|
trusted library allocation
|
page read and write
|
||
|
202546F2000
|
heap
|
page read and write
|
||
|
20255160000
|
heap
|
page read and write
|
||
|
1ADC1413000
|
heap
|
page read and write
|
||
|
202546E4000
|
heap
|
page read and write
|
||
|
168AB46F000
|
heap
|
page read and write
|
||
|
591000
|
heap
|
page read and write
|
||
|
168AB47D000
|
heap
|
page read and write
|
||
|
27C3000
|
direct allocation
|
page read and write
|
||
|
10007B000
|
stack
|
page read and write
|
||
|
7EBF0000
|
direct allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
18DA0C84000
|
heap
|
page read and write
|
||
|
B0F000
|
stack
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
ECC3000
|
direct allocation
|
page read and write
|
||
|
7EF00000
|
direct allocation
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
F650000
|
direct allocation
|
page execute and read and write
|
||
|
7F4F0000
|
direct allocation
|
page read and write
|
||
|
20255176000
|
heap
|
page read and write
|
||
|
9EDD97D000
|
stack
|
page read and write
|
||
|
27804E61000
|
heap
|
page read and write
|
||
|
474000
|
direct allocation
|
page execute and read and write
|
||
|
474000
|
direct allocation
|
page execute and read and write
|
||
|
202546D2000
|
heap
|
page read and write
|
||
|
168AB44B000
|
heap
|
page read and write
|
||
|
7ECC0000
|
direct allocation
|
page read and write
|
||
|
EC9F000
|
direct allocation
|
page read and write
|
||
|
2ADA000
|
heap
|
page read and write
|
||
|
2880000
|
direct allocation
|
page execute and read and write
|
||
|
18DA0C6B000
|
heap
|
page read and write
|
||
|
61BF000
|
stack
|
page read and write
|
||
|
EB4037D000
|
stack
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
18DA0C13000
|
heap
|
page read and write
|
||
|
EB9F000
|
stack
|
page read and write
|
||
|
2355000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
EB40B7E000
|
stack
|
page read and write
|
||
|
202546D2000
|
heap
|
page read and write
|
||
|
D46ECFE000
|
stack
|
page read and write
|
||
|
80B000
|
heap
|
page read and write
|
||
|
10017E000
|
stack
|
page read and write
|
||
|
5AE000
|
heap
|
page read and write
|
||
|
F18BDFC000
|
stack
|
page read and write
|
||
|
168AB44F000
|
heap
|
page read and write
|
||
|
482D000
|
stack
|
page read and write
|
||
|
F4DD000
|
heap
|
page read and write
|
||
|
F1F0000
|
remote allocation
|
page read and write
|
||
|
1ADC1508000
|
heap
|
page read and write
|
||
|
4687000
|
heap
|
page read and write
|
||
|
F5CF000
|
stack
|
page read and write
|
||
|
C8E368C000
|
stack
|
page read and write
|
||
|
5FF000
|
heap
|
page read and write
|
||
|
7F724000
|
direct allocation
|
page read and write
|
||
|
168AB449000
|
heap
|
page read and write
|
||
|
2790000
|
direct allocation
|
page read and write
|
||
|
ECB4000
|
direct allocation
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
48A000
|
unkown
|
page read and write
|
||
|
202546CB000
|
heap
|
page read and write
|
||
|
281D7652000
|
heap
|
page read and write
|
||
|
1ADC1470000
|
heap
|
page read and write
|
||
|
20254697000
|
heap
|
page read and write
|
||
|
A62787E000
|
stack
|
page read and write
|
||
|
277FA3B0000
|
trusted library allocation
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
1005FB000
|
stack
|
page read and write
|
||
|
479E000
|
stack
|
page read and write
|
There are 659 hidden memdumps, click here to show them.