Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
CONTRACTUL MODIFICAT-pdf.bat.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\sidonian\Bespyttedes.Civ
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\sidonian\CONTRACTUL MODIFICAT-pdf.bat.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0gvb135w.jlb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_im2y3d1s.iby.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\sidonian\CONTRACTUL MODIFICAT-pdf.bat.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\sidonian\Chemurgic.sov
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\sidonian\Livmorkrft.nai
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\sidonian\Silicone.Men
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\sidonian\reexpression.sve
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\sidonian\rudloff.txt
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\sidonian\unpersuasion.mal
|
data
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\CONTRACTUL MODIFICAT-pdf.bat.exe
|
"C:\Users\user\Desktop\CONTRACTUL MODIFICAT-pdf.bat.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Licks=cat 'C:\Users\user\AppData\Roaming\sidonian\Bespyttedes.Civ';$Antihumanist=$Licks.substring(41927,3);.$Antihumanist($Licks)"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" "/c set /A 1^^0"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ftp.piny.ro
|
unknown
|
||
|
http://reviewellness.ru.com/ro.bin&
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://reviewellness.ru.com/ro.bin
|
172.93.120.190
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ftp.piny.ro
|
31.14.12.234
|
|
|
|
reviewellness.ru.com
|
172.93.120.190
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
31.14.12.234
|
ftp.piny.ro
|
Romania
|
|
|
|
172.93.120.190
|
reviewellness.ru.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\overwisely\Uninstall\Understyringstendenserne111\epiguanine
|
reinjured
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileDirectory
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
227FE000
|
trusted library allocation
|
page read and write
|
|
|
|
227B1000
|
trusted library allocation
|
page read and write
|
|
|
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
6D79000
|
heap
|
page read and write
|
||
|
24801000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
227FC000
|
trusted library allocation
|
page read and write
|
||
|
24B00000
|
trusted library allocation
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
247EC000
|
stack
|
page read and write
|
||
|
2274A000
|
trusted library allocation
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
24EA0000
|
trusted library allocation
|
page read and write
|
||
|
27C5000
|
heap
|
page read and write
|
||
|
6FF0000
|
heap
|
page read and write
|
||
|
27BF000
|
stack
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
6D89000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24C5E000
|
stack
|
page read and write
|
||
|
225CE000
|
stack
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
22720000
|
trusted library allocation
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page read and write
|
||
|
22790000
|
trusted library allocation
|
page read and write
|
||
|
24B80000
|
trusted library allocation
|
page read and write
|
||
|
24B80000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24C1E000
|
stack
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
22790000
|
trusted library allocation
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
5309000
|
remote allocation
|
page execute and read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
24A56000
|
heap
|
page read and write
|
||
|
24903000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B30000
|
trusted library allocation
|
page read and write
|
||
|
2274E000
|
trusted library allocation
|
page read and write
|
||
|
24A45000
|
heap
|
page read and write
|
||
|
22790000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
24B10000
|
heap
|
page read and write
|
||
|
2236E000
|
stack
|
page read and write
|
||
|
231F000
|
stack
|
page read and write
|
||
|
24B46000
|
trusted library allocation
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
254B0000
|
trusted library allocation
|
page read and write
|
||
|
24B01000
|
trusted library allocation
|
page read and write
|
||
|
22320000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
2281C000
|
trusted library allocation
|
page read and write
|
||
|
23814000
|
trusted library allocation
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
2ABD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F09000
|
remote allocation
|
page execute and read and write
|
||
|
24C77000
|
trusted library allocation
|
page read and write
|
||
|
24EB0000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
24B11000
|
trusted library allocation
|
page read and write
|
||
|
2ACA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F40000
|
direct allocation
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
2AC0000
|
trusted library allocation
|
page read and write
|
||
|
24EA0000
|
trusted library allocation
|
page read and write
|
||
|
6D2C000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
6C1000
|
heap
|
page read and write
|
||
|
7F0000
|
trusted library allocation
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
43C000
|
unkown
|
page readonly
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
43C000
|
unkown
|
page readonly
|
||
|
660000
|
heap
|
page read and write
|
||
|
237B1000
|
trusted library allocation
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
22710000
|
trusted library allocation
|
page read and write
|
||
|
2374000
|
heap
|
page read and write
|
||
|
223C0000
|
heap
|
page read and write
|
||
|
24B70000
|
trusted library allocation
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
6D22000
|
heap
|
page read and write
|
||
|
24A58000
|
heap
|
page read and write
|
||
|
24ED0000
|
trusted library allocation
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
2AD5000
|
trusted library allocation
|
page execute and read and write
|
||
|
249F1000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
2226B000
|
stack
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
22660000
|
heap
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
2F6D000
|
stack
|
page read and write
|
||
|
420000
|
unkown
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
254B0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
2275D000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
237B9000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
223AF000
|
stack
|
page read and write
|
||
|
24B50000
|
trusted library allocation
|
page read and write
|
||
|
6D4F000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24800000
|
heap
|
page read and write
|
||
|
2261C000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
6CB0000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
2273B000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
24B30000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
2490C000
|
trusted library allocation
|
page read and write
|
||
|
6D4C000
|
heap
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
3140000
|
heap
|
page read and write
|
||
|
24B80000
|
trusted library allocation
|
page read and write
|
||
|
24B80000
|
trusted library allocation
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
22780000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
2265E000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
24EB0000
|
trusted library allocation
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
2ADB000
|
trusted library allocation
|
page execute and read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
24A58000
|
heap
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
249F0000
|
heap
|
page read and write
|
||
|
6C67000
|
heap
|
page read and write
|
||
|
24ED0000
|
trusted library allocation
|
page read and write
|
||
|
24EA0000
|
trusted library allocation
|
page read and write
|
||
|
6EE0000
|
direct allocation
|
page read and write
|
||
|
254A0000
|
trusted library allocation
|
page read and write
|
||
|
24B50000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
27CA000
|
heap
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
2250A000
|
stack
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
27CA000
|
heap
|
page read and write
|
||
|
6EC0000
|
direct allocation
|
page read and write
|
||
|
237D9000
|
trusted library allocation
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
227A0000
|
heap
|
page execute and read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
694000
|
heap
|
page read and write
|
||
|
2E6D000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
24ED0000
|
trusted library allocation
|
page read and write
|
||
|
6CC8000
|
heap
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
22736000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
24C70000
|
trusted library allocation
|
page read and write
|
||
|
7F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
224B0000
|
direct allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B60000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
24BA0000
|
trusted library allocation
|
page read and write
|
||
|
6EA0000
|
direct allocation
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
2AD2000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
24E9E000
|
stack
|
page read and write
|
||
|
22730000
|
trusted library allocation
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
6C1000
|
heap
|
page read and write
|
||
|
6ED0000
|
direct allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
85F000
|
stack
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
6DBA000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
95F000
|
stack
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
2496C000
|
stack
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
24B60000
|
trusted library allocation
|
page read and write
|
||
|
24AF0000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
24B26000
|
trusted library allocation
|
page read and write
|
||
|
6D16000
|
heap
|
page read and write
|
||
|
24B50000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
22678000
|
trusted library allocation
|
page read and write
|
||
|
25490000
|
trusted library allocation
|
page read and write
|
||
|
6D85000
|
heap
|
page read and write
|
||
|
6EF0000
|
direct allocation
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
254A0000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24EA0000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
24B90000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24920000
|
heap
|
page read and write
|
||
|
6F30000
|
direct allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
224C0000
|
direct allocation
|
page read and write
|
||
|
6FAE000
|
stack
|
page read and write
|
||
|
668000
|
heap
|
page read and write
|
||
|
423000
|
unkown
|
page read and write
|
||
|
24A46000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
6FF7000
|
heap
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
6B80000
|
heap
|
page read and write
|
||
|
6C1000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
24B11000
|
trusted library allocation
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
222EF000
|
stack
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
24910000
|
trusted library allocation
|
page read and write
|
||
|
6D03000
|
heap
|
page read and write
|
||
|
24B50000
|
trusted library allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2258E000
|
stack
|
page read and write
|
||
|
2222D000
|
stack
|
page read and write
|
||
|
7F4000
|
trusted library allocation
|
page read and write
|
||
|
254A0000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
324E000
|
unkown
|
page read and write
|
||
|
24B50000
|
trusted library allocation
|
page read and write
|
||
|
24EB0000
|
trusted library allocation
|
page read and write
|
||
|
2AC2000
|
trusted library allocation
|
page read and write
|
||
|
225D0000
|
heap
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
6F50000
|
direct allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
6C65000
|
heap
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page read and write
|
||
|
24EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
7FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FEE000
|
stack
|
page read and write
|
||
|
24B50000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
trusted library allocation
|
page read and write
|
||
|
6D27000
|
heap
|
page read and write
|
||
|
6D92000
|
heap
|
page read and write
|
||
|
6E90000
|
heap
|
page readonly
|
||
|
6DAB000
|
heap
|
page read and write
|
||
|
6C60000
|
heap
|
page read and write
|
||
|
6F10000
|
direct allocation
|
page read and write
|
||
|
247F0000
|
heap
|
page execute and read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
2245E000
|
stack
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
22756000
|
trusted library allocation
|
page read and write
|
||
|
24B12000
|
trusted library allocation
|
page read and write
|
||
|
24B30000
|
trusted library allocation
|
page read and write
|
||
|
6DAB000
|
heap
|
page read and write
|
||
|
2AD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B7D000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
3D60000
|
remote allocation
|
page execute and read and write
|
||
|
34EF000
|
stack
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
24EA0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
22770000
|
trusted library allocation
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
6CC0000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B50000
|
trusted library allocation
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B80000
|
trusted library allocation
|
page read and write
|
||
|
24B12000
|
trusted library allocation
|
page read and write
|
||
|
24AF0000
|
trusted library allocation
|
page read and write
|
||
|
27CC000
|
heap
|
page read and write
|
||
|
32FB000
|
heap
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
2241E000
|
stack
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
trusted library allocation
|
page read and write
|
||
|
2AC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
24B30000
|
trusted library allocation
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
direct allocation
|
page read and write
|
||
|
6C1000
|
heap
|
page read and write
|
||
|
24EA0000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
2490D000
|
trusted library allocation
|
page read and write
|
||
|
6D92000
|
heap
|
page read and write
|
||
|
254A0000
|
trusted library allocation
|
page read and write
|
||
|
6F00000
|
direct allocation
|
page read and write
|
||
|
22751000
|
trusted library allocation
|
page read and write
|
||
|
24B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
24918000
|
trusted library allocation
|
page read and write
|
||
|
7FC10000
|
trusted library allocation
|
page execute and read and write
|
||
|
22790000
|
trusted library allocation
|
page read and write
|
||
|
4909000
|
remote allocation
|
page execute and read and write
|
||
|
6709000
|
remote allocation
|
page execute and read and write
|
||
|
34F0000
|
heap
|
page read and write
|
||
|
2273E000
|
trusted library allocation
|
page read and write
|
||
|
30EE000
|
unkown
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
22742000
|
trusted library allocation
|
page read and write
|
||
|
2280C000
|
trusted library allocation
|
page read and write
|
||
|
6EB0000
|
direct allocation
|
page read and write
|
||
|
2AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
24B80000
|
trusted library allocation
|
page read and write
|
||
|
22548000
|
stack
|
page read and write
|
||
|
5D09000
|
remote allocation
|
page execute and read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
222AD000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24EA0000
|
trusted library allocation
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
24B13000
|
trusted library allocation
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
24B40000
|
trusted library allocation
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
413000
|
unkown
|
page read and write
|
||
|
24B10000
|
trusted library allocation
|
page read and write
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
24B50000
|
trusted library allocation
|
page read and write
|
||
|
24B70000
|
trusted library allocation
|
page read and write
|
||
|
24900000
|
trusted library allocation
|
page read and write
|
||
|
24B20000
|
trusted library allocation
|
page read and write
|
||
|
42A000
|
unkown
|
page read and write
|
||
|
6B8000
|
heap
|
page read and write
|
There are 408 hidden memdumps, click here to show them.