Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Hu25VEa8Dr.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\ProgramData\Local Settings\Temp\msoiruj.bat
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0BBFF.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Firozedikami.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Gozekeneka.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Jahulocayedo.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Lohonibuhod.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSI\msiexec.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Sahofivizu.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Zojemilocan.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\naseropuxeq.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\natigezeholi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\xuxokuxoka.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\yiduyevutog.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0BBFF.tmp:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\Yumicebivud.rih
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\rikayolehofu.Xoc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-966771315-3019405637-367336477-1006\f554348b930ff81505ce47f7c6b7d232_ea860e7a-a87f-4a88-92ef-38f744458171
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\R3PRUMZY.txt
|
ASCII text
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Y4A6H5R0.txt
|
ASCII text
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Hu25VEa8Dr.exe
|
C:\Users\user\Desktop\Hu25VEa8Dr.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\Sahofivizu.exe
|
C:\Users\user\AppData\Local\Temp\Sahofivizu.exe" "C:\Users\user\Desktop\Hu25VEa8Dr.exe
|
|
|
|
C:\Users\user\Desktop\Hu25VEa8Dr.exe
|
C:\Users\user\Desktop\Hu25VEa8Dr.exe
|
|
|
|
C:\Users\user\Desktop\Hu25VEa8Dr.exe
|
C:\Users\user\Desktop\Hu25VEa8Dr.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSI\msiexec.exe
|
"C:\Users\user\AppData\Local\Temp\MSI\msiexec.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Lohonibuhod.exe
|
"C:\Users\user\AppData\Local\Temp\Lohonibuhod.exe" "C:\Users\user\AppData\Local\Temp\MSI\msiexec.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSI\msiexec.exe
|
"C:\Users\user\AppData\Local\Temp\MSI\msiexec.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSI\msiexec.exe
|
"C:\Users\user\AppData\Local\Temp\MSI\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
C:\Windows\syswow64\svchost.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://xdqzpbcgrvkj.ru/in.php
|
147.75.61.38
|
|
|
|
http://pe.suckmycocklameavindustry.in/dtkdvjezlgdvslgbvqqjiiheaxroigff
|
34.29.71.138
|
|
|
|
http://pe.suckmycocklameavindustry.in/
|
unknown
|
||
|
http://orzdwjtvmein.in/in.php
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://bdcrqgonzmwuehky.nl/in.php
|
unknown
|
||
|
http://pe.suckmycocklameavindustry.in/DOS_STUBhttp://sc.suckmycocklameavindustry.in/ImageBasehttp://
|
unknown
|
||
|
http://pe.suckmycocklameavindustry.in/dtkdvjezlgdvslgbvqqjiiheaxroigffC:
|
unknown
|
||
|
http://pe.suckmycocklameavindustry.in/dtkdvjezlgdvslgbvqqjiiheaxroigff6Tl
|
unknown
|
||
|
http://somicrososoft.ru/in.php
|
unknown
|
||
|
http://img.suckmycocklameavindustry.in/
|
unknown
|
||
|
http://nsis.sf.net/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://anam0rph.su/in.php
|
unknown
|
||
|
http://xdqzpbcgrvkj.ru/in.phphttp://anam0rph.su/in.phphttp://orzdwjtvmein.in/in.phphttp://ygiudewsqh
|
unknown
|
||
|
http://sc.suckmycocklameavindustry.in/
|
unknown
|
||
|
http://ygiudewsqhct.in/in.php
|
unknown
|
There are 7 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pe.suckmycocklameavindustry.in
|
34.29.71.138
|
|
|
|
xdqzpbcgrvkj.ru
|
147.75.61.38
|
|
|
|
anam0rph.su
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.29.71.138
|
pe.suckmycocklameavindustry.in
|
United States
|
|
|
|
147.75.61.38
|
xdqzpbcgrvkj.ru
|
Switzerland
|
|
|
|
192.168.2.255
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
|
14108
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft
|
00E35EEE
|
||
|
HKEY_CURRENT_USER\Software
|
ImageBase
|
||
|
HKEY_CURRENT_USER\Software
|
IMAGE_FILE_HEADER
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
255F000
|
stack
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
24000
|
unkown
|
page readonly
|
||
|
26FF000
|
stack
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
2300000
|
heap
|
page read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
1E00000
|
heap
|
page read and write
|
||
|
278F000
|
stack
|
page read and write
|
||
|
CBF000
|
stack
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
61D000
|
stack
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
306000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
403000
|
unkown
|
page read and write
|
||
|
31C000
|
heap
|
page read and write
|
||
|
315000
|
heap
|
page read and write
|
||
|
245F000
|
stack
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
3A6000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
404000
|
unkown
|
page readonly
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
919000
|
heap
|
page read and write
|
||
|
25DF000
|
stack
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
283E000
|
stack
|
page read and write
|
||
|
82C000
|
stack
|
page read and write
|
||
|
230000
|
direct allocation
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
81E000
|
stack
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
5ED000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
3EE000
|
stack
|
page read and write
|
||
|
316000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
5C4000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8C1000
|
heap
|
page read and write
|
||
|
130000
|
direct allocation
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
1F20000
|
heap
|
page read and write
|
||
|
20E2000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
4B7000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1BB000
|
stack
|
page read and write
|
||
|
5E3000
|
heap
|
page read and write
|
||
|
622000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
24DF000
|
stack
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
2E7000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
8C1000
|
heap
|
page read and write
|
||
|
10005000
|
unkown
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
620000
|
heap
|
page read and write
|
||
|
2B0000
|
heap
|
page read and write
|
||
|
30A000
|
heap
|
page read and write
|
||
|
252000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
23000
|
unkown
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
38F000
|
stack
|
page read and write
|
||
|
31000
|
unkown
|
page execute read
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
887000
|
heap
|
page read and write
|
||
|
24000
|
unkown
|
page readonly
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
5EE000
|
heap
|
page read and write
|
||
|
2D4000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page readonly
|
||
|
27F000
|
stack
|
page read and write
|
||
|
220000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
210000
|
heap
|
page read and write
|
||
|
10004000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
5E2000
|
heap
|
page read and write
|
||
|
2252000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
42D000
|
heap
|
page read and write
|
||
|
30F000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
27B000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
1E0000
|
trusted library allocation
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
5E3000
|
heap
|
page read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
86C000
|
stack
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
200000
|
heap
|
page read and write
|
||
|
10005000
|
unkown
|
page read and write
|
||
|
10006000
|
unkown
|
page readonly
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
24DF000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
10000
|
heap
|
page read and write
|
||
|
2DE000
|
stack
|
page read and write
|
||
|
213E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
905000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
420000
|
unkown
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
230000
|
heap
|
page read and write
|
||
|
511000
|
heap
|
page read and write
|
||
|
298E000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
21FD000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
1FE0000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
52B000
|
stack
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
20C0000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
903000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
8B000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
CD0000
|
system
|
page execute and read and write
|
||
|
8D000
|
stack
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
22000
|
unkown
|
page readonly
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
312000
|
heap
|
page read and write
|
||
|
20000
|
unkown
|
page readonly
|
||
|
484000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
130000
|
direct allocation
|
page execute and read and write
|
||
|
8E7000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
18E000
|
stack
|
page read and write
|
||
|
404000
|
unkown
|
page readonly
|
||
|
293F000
|
stack
|
page read and write
|
||
|
280000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3A4000
|
heap
|
page read and write
|
||
|
71D000
|
heap
|
page read and write
|
||
|
311000
|
heap
|
page read and write
|
||
|
20000
|
direct allocation
|
page execute and read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
50D000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
18B000
|
stack
|
page read and write
|
||
|
21000
|
unkown
|
page execute read
|
||
|
31000
|
unkown
|
page execute read
|
||
|
1E0000
|
direct allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
20C4000
|
heap
|
page read and write
|
||
|
5D3000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
2A0000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
919000
|
heap
|
page read and write
|
||
|
30000
|
unkown
|
page readonly
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
unkown
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
221000
|
unkown
|
page execute read
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
733000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
505000
|
heap
|
page read and write
|
||
|
20000
|
unkown
|
page readonly
|
||
|
21000
|
unkown
|
page execute read
|
||
|
440000
|
heap
|
page read and write
|
||
|
876000
|
heap
|
page read and write
|
||
|
234000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
290000
|
heap
|
page read and write
|
||
|
1E00000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
434000
|
unkown
|
page read and write
|
||
|
1E0000
|
direct allocation
|
page execute and read and write
|
||
|
1E7E000
|
stack
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
2D0000
|
heap
|
page read and write
|
||
|
201F000
|
stack
|
page read and write
|
||
|
70D000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
211F000
|
stack
|
page read and write
|
||
|
878000
|
heap
|
page read and write
|
||
|
230000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1C50000
|
direct allocation
|
page read and write
|
||
|
25AD000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
2CF000
|
stack
|
page read and write
|
||
|
72D000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
224000
|
unkown
|
page readonly
|
||
|
405000
|
unkown
|
page readonly
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
318000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
2F7000
|
heap
|
page read and write
|
||
|
10006000
|
unkown
|
page readonly
|
||
|
460000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
10004000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
3CF000
|
stack
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
437000
|
unkown
|
page readonly
|
||
|
5ED000
|
heap
|
page read and write
|
||
|
22FF000
|
stack
|
page read and write
|
||
|
3FE000
|
stack
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
8A4000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
60E000
|
stack
|
page read and write
|
||
|
8B1000
|
heap
|
page read and write
|
||
|
509000
|
heap
|
page read and write
|
||
|
58A000
|
heap
|
page read and write
|
||
|
5E7000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2B7000
|
heap
|
page read and write
|
||
|
8D000
|
stack
|
page read and write
|
||
|
314000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
32000
|
unkown
|
page readonly
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
44A000
|
stack
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
10000
|
heap
|
page read and write
|
||
|
222000
|
unkown
|
page readonly
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
2D0000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2ED000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
8D000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
402000
|
unkown
|
page readonly
|
||
|
32000
|
unkown
|
page readonly
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
576000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
557000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1DF0000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
261D000
|
stack
|
page read and write
|
||
|
3C2000
|
heap
|
page read and write
|
||
|
5C7000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
30000
|
unkown
|
page readonly
|
||
|
409000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
C7E000
|
stack
|
page read and write
|
||
|
259F000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
BFF000
|
stack
|
page read and write
|
||
|
17D000
|
stack
|
page read and write
|
||
|
8D7000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
8C000
|
stack
|
page read and write
|
||
|
4B2000
|
heap
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
32E000
|
stack
|
page read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
1F1000
|
direct allocation
|
page execute and read and write
|
||
|
29C000
|
stack
|
page read and write
|
||
|
8D000
|
stack
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
5CD000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
120000
|
direct allocation
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
8B000
|
stack
|
page read and write
|
||
|
5F3000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
45D000
|
heap
|
page read and write
|
||
|
5F7000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
6BC000
|
stack
|
page read and write
|
||
|
8D7000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
5E2000
|
heap
|
page read and write
|
||
|
310000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
31D000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1B0000
|
unkown
|
page readonly
|
||
|
4AB000
|
heap
|
page read and write
|
||
|
2D6000
|
heap
|
page read and write
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
30E000
|
heap
|
page read and write
|
||
|
8D000
|
stack
|
page read and write
|
||
|
26AC000
|
stack
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
903000
|
heap
|
page read and write
|
||
|
5C7000
|
heap
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
5F9000
|
heap
|
page read and write
|
||
|
23DF000
|
stack
|
page read and write
|
||
|
410000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
269F000
|
stack
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
330000
|
heap
|
page read and write
|
||
|
1B1000
|
unkown
|
page execute read
|
||
|
22000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
1B2000
|
unkown
|
page readonly
|
||
|
80000
|
system
|
page execute and read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
23DE000
|
stack
|
page read and write
|
||
|
8E7000
|
heap
|
page read and write
|
||
|
1B4000
|
unkown
|
page readonly
|
||
|
896000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
467000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
10000
|
heap
|
page read and write
|
There are 415 hidden memdumps, click here to show them.