Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
drw_free_installer.17163939163819b153.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\index[1].htm
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Arabic.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Chinese.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\ChineseTrad.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Danish.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Dutch.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\EDownloader.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\EasyLog.log
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\French.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\German.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Indonesian.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\InitConfigure.ini
|
Generic INItialization configuration [Language]
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Italian.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Japanese.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Korean.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\LanguageTransfor.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Malay.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Mungarian.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Norwegian.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Polish.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Portuguese.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Russian.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Spanish.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Swedish.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Thai.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\Turkish.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\AliyunConfig.ini
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\AliyunWrap.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\AliyunWrapExe.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\DataFile.ini
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\InfoForSetup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\tempInfo.web
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\downloader.ico
|
MS Windows icon resource - 10 icons, 16x16, 16 colors, 4 bits/pixel, 32x32, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\english.ini
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\skin.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
There are 26 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\drw_free_installer.17163939163819b153.exe
|
"C:\Users\user\Desktop\drw_free_installer.17163939163819b153.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\EDownloader.exe
|
"C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\EDownloader.exe" EXEDIR=C:\Users\user\Desktop ||| EXENAME=drw_free_installer.17163939163819b153.exe
||| DOWNLOAD_VERSION=free ||| PRODUCT_VERSION=2.0.0 ||| INSTALL_TYPE=0
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\InfoForSetup.exe
|
/Uid "S-1-5-21-2246122658-3693405117-2476756634-1002"
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\InfoForSetup.exe
|
/SendInfo Window "Web_Installer" Activity "Result_Run_Installer" Attribute "{\"Country\":\"Switzerland\",\"Pageid\":\"17163939163819b153\",\"Timezone\":\"GMT-05:00\"}"
|
||
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\AliyunWrapExe.exe
|
C:\Users\user\AppData\Local\Temp\downloader_easeus\2.0.0\2free\aliyun\AliyunWrapExe.Exe
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://download3.easeus.com/drw/drw16.2.0.0_free_x.exe
|
unknown
|
||
|
http://track.easeus.com/product/index.php/?a=statistics&p_type=m_drw_user_base_infos
|
unknown
|
||
|
http://download.easeus.com/api2/index.php/Apicp/Drwdl202004/index/
|
unknown
|
||
|
http://baidu.com
|
unknown
|
||
|
http://easeusinfo.us-east-1.log.aliyuncs.com/logstores/logstore_drw_ip/shards/lb76756634-1002
|
unknown
|
||
|
https://update.easeus.com/update/drw_eng/drw.ini
|
unknown
|
||
|
http://track.easeus.com/product/index.php?c=main&a=getstatus&pid=2K
|
unknown
|
||
|
http://track.easeus.com/product/index.php?c=main&a=getstatus&pid=27
|
unknown
|
||
|
https://download.easeus.com/trial/drw_trial.exe
|
unknown
|
||
|
https://www.easeus.com/privacy.htm?lang=
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://baidu.com7
|
unknown
|
||
|
http://track.easeus.com/product/index.php?c=main&a=getstatus&pid=23
|
unknown
|
||
|
https://www.google.com/https://www.baidu.com/GMT
|
unknown
|
||
|
http://track.easeus.com/product/index.php/?a=statistics&p_type=m_drw_user_action_table
|
unknown
|
||
|
https://download.easeus.com/free/drw_free.exeni
|
unknown
|
||
|
http://baidu.comq
|
unknown
|
||
|
https://www.easeus.com/datarecoverywizard/history.php?lang=inst
|
unknown
|
||
|
https://curl.haxx.se/docs/http-cookies.html
|
unknown
|
||
|
https://curl.haxx.se/docs/http-cookies.html#
|
unknown
|
||
|
http://easeusinfo.us-east-1.log.aliyuncs.com/logstores/logstore_drw_ip/shards/lb
|
unknown
|
||
|
https://download.easeus.com/free/drw_free.exe
|
unknown
|
||
|
http://baidu.comJ
|
unknown
|
||
|
https://www.easeus.com/download-offline.html
|
unknown
|
||
|
http://download2.easeus.com/api2/index.php/Apicp/Drwdl202004/index/
|
unknown
|
||
|
https://www.easeus.com/privacy.htm?lang=/histor
|
unknown
|
||
|
http://download3.easeus.com/drw/drw16.2.0.0_trial_x.exe
|
unknown
|
||
|
https://www.easeus.com/datarecoverywizard/history.php?lang=
|
unknown
|
||
|
http://track.easeus.com/product/index.php/?a=statistics&p_type=m_drw_user_base_infosfP
|
unknown
|
||
|
http://download3.easeus.com/drw/drw16.2.0.0_ad_google_trial_x.exe
|
unknown
|
||
|
http://track.easeus.com/product/index.php?c=main&a=getstatus&pid=2
|
163.171.128.150
|
||
|
http://track.easeus.com/product/index.php?c=main&a=getstatus&pid=2C:
|
unknown
|
||
|
http://./logstores//shards/lbContent-Type:application/x-protobufx-log-apiversion:0.6.0x-log-compress
|
unknown
|
||
|
http://yiwo.easeus.com/api/index.php/Home/index/licenseAgreement?lang=
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
http://download3.easeus.com/api2/index.php/Apicp/Drwdl202004/index/
|
unknown
|
||
|
http://download3.easeus.com/drw/drw16.2.0.0_ad_google_trial_x.exe9
|
unknown
|
||
|
http://yiwo.easeus.com/
|
unknown
|
||
|
https://www.baidu.com/
|
unknown
|
There are 29 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
track.easeus.com.whecloud.com
|
163.171.128.150
|
||
|
easeusinfo.us-east-1.log.aliyuncs.com
|
47.252.97.212
|
||
|
track.easeus.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
47.252.97.212
|
easeusinfo.us-east-1.log.aliyuncs.com
|
United States
|
||
|
163.171.128.150
|
track.easeus.com.whecloud.com
|
European Union
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
24A5000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
247F000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
249A000
|
heap
|
page read and write
|
||
|
24BE000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
369F000
|
stack
|
page read and write
|
||
|
6E270000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24A1000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24F1000
|
heap
|
page read and write
|
||
|
CF5000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2464000
|
heap
|
page read and write
|
||
|
34A000
|
unkown
|
page readonly
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2515000
|
heap
|
page read and write
|
||
|
124A000
|
heap
|
page read and write
|
||
|
2476000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2499000
|
heap
|
page read and write
|
||
|
24D6000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
247C000
|
heap
|
page read and write
|
||
|
2476000
|
heap
|
page read and write
|
||
|
24F1000
|
heap
|
page read and write
|
||
|
249A000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
249F000
|
heap
|
page read and write
|
||
|
2485000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
2467000
|
heap
|
page read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
337D000
|
stack
|
page read and write
|
||
|
1033000
|
unkown
|
page write copy
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
34F000
|
unkown
|
page readonly
|
||
|
24A9000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
6CA21000
|
unkown
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2472000
|
heap
|
page read and write
|
||
|
252C000
|
heap
|
page read and write
|
||
|
2468000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
24A5000
|
heap
|
page read and write
|
||
|
3432000
|
heap
|
page read and write
|
||
|
3C60000
|
trusted library allocation
|
page read and write
|
||
|
1039000
|
unkown
|
page readonly
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
249F000
|
heap
|
page read and write
|
||
|
2624000
|
heap
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
160C000
|
heap
|
page read and write
|
||
|
98F000
|
stack
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
6D2000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
666000
|
heap
|
page read and write
|
||
|
24AE000
|
heap
|
page read and write
|
||
|
24A5000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
24D6000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
2481000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
38DB000
|
stack
|
page read and write
|
||
|
2505000
|
heap
|
page read and write
|
||
|
340000
|
unkown
|
page readonly
|
||
|
247C000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24B8000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
34D000
|
unkown
|
page write copy
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
24B6000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24BA000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
24A3000
|
heap
|
page read and write
|
||
|
343D000
|
heap
|
page read and write
|
||
|
34D000
|
unkown
|
page read and write
|
||
|
39DF000
|
stack
|
page read and write
|
||
|
6E2D3000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
253F000
|
heap
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
12B5000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
7FC000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
CFD000
|
stack
|
page read and write
|
||
|
F8F000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
F11000
|
unkown
|
page execute read
|
||
|
97C000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
1006000
|
unkown
|
page readonly
|
||
|
353E000
|
stack
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
445000
|
unkown
|
page readonly
|
||
|
246A000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2476000
|
heap
|
page read and write
|
||
|
D4B000
|
stack
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
24A5000
|
heap
|
page read and write
|
||
|
E95000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
A31000
|
unkown
|
page execute read
|
||
|
2468000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2497000
|
heap
|
page read and write
|
||
|
6C1000
|
heap
|
page read and write
|
||
|
67A000
|
heap
|
page read and write
|
||
|
A31000
|
unkown
|
page execute read
|
||
|
6E2E1000
|
unkown
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
247C000
|
heap
|
page read and write
|
||
|
6C9B0000
|
unkown
|
page readonly
|
||
|
6D9000
|
heap
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24B9000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
249F000
|
heap
|
page read and write
|
||
|
34F000
|
unkown
|
page readonly
|
||
|
247F000
|
heap
|
page read and write
|
||
|
24EC000
|
heap
|
page read and write
|
||
|
24B3000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
6C9B0000
|
unkown
|
page readonly
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
3C60000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2468000
|
heap
|
page read and write
|
||
|
24AE000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2481000
|
heap
|
page read and write
|
||
|
24AF000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
6CA26000
|
unkown
|
page readonly
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
275F000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
217E000
|
stack
|
page read and write
|
||
|
2495000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2472000
|
heap
|
page read and write
|
||
|
24B7000
|
heap
|
page read and write
|
||
|
24A9000
|
heap
|
page read and write
|
||
|
265F000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
340000
|
unkown
|
page readonly
|
||
|
A4A000
|
unkown
|
page readonly
|
||
|
24B6000
|
heap
|
page read and write
|
||
|
24BA000
|
heap
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
252E000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
3C5E000
|
stack
|
page read and write
|
||
|
8EF000
|
stack
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24BC000
|
heap
|
page read and write
|
||
|
333C000
|
stack
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
1033000
|
unkown
|
page read and write
|
||
|
2472000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
445000
|
unkown
|
page readonly
|
||
|
24B3000
|
heap
|
page read and write
|
||
|
2527000
|
heap
|
page read and write
|
||
|
2481000
|
heap
|
page read and write
|
||
|
34A000
|
unkown
|
page readonly
|
||
|
3C5000
|
stack
|
page read and write
|
||
|
12C2000
|
heap
|
page read and write
|
||
|
24AC000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
24C7000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
20C0000
|
heap
|
page read and write
|
||
|
1018000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
359F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
670000
|
heap
|
page read and write
|
||
|
24BB000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
24BE000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3ADF000
|
stack
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
2548000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
24A5000
|
heap
|
page read and write
|
||
|
24AD000
|
heap
|
page read and write
|
||
|
6C9B1000
|
unkown
|
page execute read
|
||
|
24B8000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
340000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
24B8000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
2541000
|
heap
|
page read and write
|
||
|
24BE000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
24BB000
|
heap
|
page read and write
|
||
|
247C000
|
heap
|
page read and write
|
||
|
24AC000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
34A000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
250F000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24DF000
|
heap
|
page read and write
|
||
|
2C6000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
247F000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
335E000
|
stack
|
page read and write
|
||
|
6CA21000
|
unkown
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
1039000
|
unkown
|
page readonly
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
3C60000
|
trusted library allocation
|
page read and write
|
||
|
24A9000
|
heap
|
page read and write
|
||
|
1006000
|
unkown
|
page readonly
|
||
|
2468000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2476000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
3A10000
|
heap
|
page read and write
|
||
|
341000
|
unkown
|
page execute read
|
||
|
24BA000
|
heap
|
page read and write
|
||
|
341000
|
unkown
|
page execute read
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
6D3000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24AF000
|
heap
|
page read and write
|
||
|
E86000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2481000
|
heap
|
page read and write
|
||
|
249F000
|
heap
|
page read and write
|
||
|
24BA000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
24DF000
|
heap
|
page read and write
|
||
|
6CA13000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
249F000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
2469000
|
heap
|
page read and write
|
||
|
2464000
|
heap
|
page read and write
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
16AE000
|
stack
|
page read and write
|
||
|
24B6000
|
heap
|
page read and write
|
||
|
A47000
|
unkown
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
unkown
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
AFD000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
A43000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
2476000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
213E000
|
stack
|
page read and write
|
||
|
6CA26000
|
unkown
|
page readonly
|
||
|
247C000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
39DC000
|
stack
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
379D000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24A5000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
249F000
|
heap
|
page read and write
|
||
|
67E000
|
heap
|
page read and write
|
||
|
389E000
|
stack
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
16EE000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
A43000
|
unkown
|
page readonly
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
6E271000
|
unkown
|
page execute read
|
||
|
34A000
|
unkown
|
page readonly
|
||
|
2491000
|
heap
|
page read and write
|
||
|
340000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
DC5000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24A5000
|
heap
|
page read and write
|
||
|
24A3000
|
heap
|
page read and write
|
||
|
24AA000
|
heap
|
page read and write
|
||
|
6CA13000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
24B5000
|
heap
|
page read and write
|
||
|
261B000
|
stack
|
page read and write
|
||
|
20A0000
|
heap
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2476000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
6E2E6000
|
unkown
|
page readonly
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
24A9000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
E5E000
|
stack
|
page read and write
|
||
|
27BF000
|
stack
|
page read and write
|
||
|
24A5000
|
heap
|
page read and write
|
||
|
249F000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
6D2000
|
heap
|
page read and write
|
||
|
F11000
|
unkown
|
page execute read
|
||
|
3436000
|
heap
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
34F000
|
unkown
|
page readonly
|
||
|
24CA000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
246A000
|
heap
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
34D000
|
unkown
|
page write copy
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2464000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
24DF000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2531000
|
heap
|
page read and write
|
||
|
341000
|
unkown
|
page execute read
|
||
|
2496000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
341000
|
unkown
|
page execute read
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
6C9B1000
|
unkown
|
page execute read
|
||
|
1660000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2466000
|
heap
|
page read and write
|
||
|
124E000
|
heap
|
page read and write
|
||
|
3A24000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
247F000
|
heap
|
page read and write
|
||
|
A47000
|
unkown
|
page write copy
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
246A000
|
heap
|
page read and write
|
||
|
A4A000
|
unkown
|
page readonly
|
||
|
1714000
|
heap
|
page read and write
|
||
|
DFF000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
24BA000
|
heap
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
24A9000
|
heap
|
page read and write
|
||
|
249F000
|
heap
|
page read and write
|
||
|
34F000
|
unkown
|
page readonly
|
||
|
2476000
|
heap
|
page read and write
|
||
|
29AF000
|
stack
|
page read and write
|
||
|
34D000
|
unkown
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
3B5E000
|
stack
|
page read and write
|
||
|
E2E000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
249A000
|
heap
|
page read and write
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
24C3000
|
heap
|
page read and write
|
||
|
24C2000
|
heap
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
1606000
|
heap
|
page read and write
|
||
|
247F000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
There are 530 hidden memdumps, click here to show them.