Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Aviso legal.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\geokemi\Alarmsystemerne.Cos
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Affotograferes.und
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Blowfish77.eil
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\Overdid\minkfishes.uds
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\Overdid\partiality.ste
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\Overdid\stopcocks.uns
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\Overdid\trstegningerne.txt
|
ASCII text, with very long lines (331), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\audifon.bul
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\bisecting.ove
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\bricklayings.non
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\cardiographs.uop
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\concubinage.ind
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\fritnkeri.els
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\Polls\maskningerne.aft
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\atriumerne.eli
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\geokemi\Threshers135\sexualizing.Tro144
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsbA808.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nscAAC8.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nshAAE8.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nspAFED.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nssACAE.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nstAE84.tmp
|
ASCII text, with no line terminators
|
dropped
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Aviso legal.exe
|
"C:\Users\user\Desktop\Aviso legal.exe"
|
|
|
|
C:\Users\user\Desktop\Aviso legal.exe
|
"C:\Users\user\Desktop\Aviso legal.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.12.205
|
||
|
http://lovekelley.ru.com/FroOsE89.bin
|
172.93.121.7
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.ipify.org
|
104.26.12.205
|
||
|
lovekelley.ru.com
|
172.93.121.7
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.26.12.205
|
api.ipify.org
|
United States
|
||
|
172.93.121.7
|
lovekelley.ru.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Aviso legal_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5C09000
|
direct allocation
|
page execute and read and write
|
|
|
|
401000
|
unkown
|
page execute read
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
direct allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
5A86000
|
heap
|
page read and write
|
||
|
2AE0000
|
direct allocation
|
page read and write
|
||
|
8409000
|
direct allocation
|
page execute and read and write
|
||
|
38541000
|
trusted library allocation
|
page read and write
|
||
|
38543000
|
trusted library allocation
|
page read and write
|
||
|
729000
|
heap
|
page read and write
|
||
|
39290000
|
trusted library allocation
|
page read and write
|
||
|
36110000
|
trusted library allocation
|
page read and write
|
||
|
392A0000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
5CEE000
|
stack
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
76A0000
|
direct allocation
|
page read and write
|
||
|
392A0000
|
trusted library allocation
|
page read and write
|
||
|
38D94000
|
heap
|
page read and write
|
||
|
38E75000
|
heap
|
page read and write
|
||
|
35F50000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
5E90000
|
direct allocation
|
page read and write
|
||
|
35B7F000
|
stack
|
page read and write
|
||
|
35F40000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
35F60000
|
heap
|
page read and write
|
||
|
5ED0000
|
direct allocation
|
page read and write
|
||
|
38E87000
|
heap
|
page read and write
|
||
|
362C1000
|
trusted library allocation
|
page read and write
|
||
|
497000
|
unkown
|
page readonly
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
35EA0000
|
direct allocation
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
35F02000
|
trusted library allocation
|
page read and write
|
||
|
39600000
|
trusted library allocation
|
page read and write
|
||
|
4A39000
|
remote allocation
|
page execute and read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
36310000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
35F50000
|
trusted library allocation
|
page read and write
|
||
|
2384000
|
heap
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
59F6000
|
heap
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
35D80000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
7405D000
|
unkown
|
page read and write
|
||
|
395D0000
|
trusted library allocation
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
348D000
|
stack
|
page read and write
|
||
|
35A7E000
|
stack
|
page read and write
|
||
|
36110000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
39300000
|
trusted library allocation
|
page read and write
|
||
|
392E1000
|
trusted library allocation
|
page read and write
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
7A09000
|
direct allocation
|
page execute and read and write
|
||
|
80000
|
trusted library allocation
|
page read and write
|
||
|
48C000
|
unkown
|
page readonly
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
35E90000
|
direct allocation
|
page read and write
|
||
|
35F50000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
39610000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
38E70000
|
heap
|
page read and write
|
||
|
5EC0000
|
direct allocation
|
page read and write
|
||
|
395D0000
|
trusted library allocation
|
page read and write
|
||
|
74041000
|
unkown
|
page execute read
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
7690000
|
direct allocation
|
page read and write
|
||
|
395F0000
|
trusted library allocation
|
page read and write
|
||
|
392B0000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
2B20000
|
direct allocation
|
page read and write
|
||
|
90000
|
trusted library allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
38E60000
|
heap
|
page read and write
|
||
|
711000
|
heap
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
395B0000
|
trusted library allocation
|
page read and write
|
||
|
392BF000
|
trusted library allocation
|
page read and write
|
||
|
39290000
|
trusted library allocation
|
page read and write
|
||
|
39600000
|
trusted library allocation
|
page read and write
|
||
|
37271000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
unkown
|
page readonly
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
392F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
49D000
|
unkown
|
page readonly
|
||
|
395F0000
|
trusted library allocation
|
page read and write
|
||
|
395F0000
|
trusted library allocation
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
49D000
|
unkown
|
page readonly
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
705B4000
|
unkown
|
page readonly
|
||
|
705B6000
|
unkown
|
page readonly
|
||
|
3615D000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
36078000
|
trusted library allocation
|
page read and write
|
||
|
2B50000
|
direct allocation
|
page read and write
|
||
|
38E90000
|
heap
|
page read and write
|
||
|
35F0A000
|
trusted library allocation
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
38E71000
|
heap
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
39311000
|
heap
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
3639000
|
remote allocation
|
page execute and read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
392D0000
|
trusted library allocation
|
page read and write
|
||
|
38DDD000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5BEC000
|
stack
|
page read and write
|
||
|
36069000
|
stack
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
392E2000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
1E5000
|
heap
|
page read and write
|
||
|
474000
|
unkown
|
page readonly
|
||
|
27CF000
|
stack
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
76B0000
|
direct allocation
|
page read and write
|
||
|
160000
|
trusted library allocation
|
page execute and read and write
|
||
|
36120000
|
trusted library allocation
|
page read and write
|
||
|
723000
|
heap
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
B0000
|
trusted library allocation
|
page read and write
|
||
|
5A13000
|
heap
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
5209000
|
direct allocation
|
page execute and read and write
|
||
|
372E2000
|
trusted library allocation
|
page read and write
|
||
|
39300000
|
trusted library allocation
|
page read and write
|
||
|
395D0000
|
trusted library allocation
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
39605000
|
trusted library allocation
|
page read and write
|
||
|
AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2C39000
|
remote allocation
|
page execute and read and write
|
||
|
37299000
|
trusted library allocation
|
page read and write
|
||
|
392F0000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
36110000
|
trusted library allocation
|
page read and write
|
||
|
170000
|
trusted library allocation
|
page read and write
|
||
|
C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
A0000
|
trusted library allocation
|
page read and write
|
||
|
1839000
|
remote allocation
|
page execute and read and write
|
||
|
59CE000
|
heap
|
page read and write
|
||
|
338C000
|
stack
|
page read and write
|
||
|
36110000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
2AA0000
|
direct allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
38DA7000
|
heap
|
page read and write
|
||
|
5439000
|
remote allocation
|
page execute and read and write
|
||
|
5A93000
|
heap
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
705B0000
|
unkown
|
page readonly
|
||
|
6609000
|
direct allocation
|
page execute and read and write
|
||
|
392EA000
|
trusted library allocation
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2380000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
36110000
|
trusted library allocation
|
page execute and read and write
|
||
|
392B0000
|
trusted library allocation
|
page read and write
|
||
|
2239000
|
remote allocation
|
page execute and read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
395C0000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
290F000
|
stack
|
page read and write
|
||
|
5EB0000
|
direct allocation
|
page read and write
|
||
|
392A0000
|
trusted library allocation
|
page read and write
|
||
|
46F0000
|
direct allocation
|
page execute and read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
49D000
|
unkown
|
page readonly
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
392A0000
|
trusted library allocation
|
page read and write
|
||
|
39320000
|
trusted library allocation
|
page read and write
|
||
|
36160000
|
heap
|
page execute and read and write
|
||
|
38520000
|
trusted library allocation
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3626F000
|
stack
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
35F11000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
direct allocation
|
page read and write
|
||
|
39600000
|
trusted library allocation
|
page read and write
|
||
|
39300000
|
trusted library allocation
|
page read and write
|
||
|
5A3A000
|
heap
|
page read and write
|
||
|
36271000
|
trusted library allocation
|
page read and write
|
||
|
38E6E000
|
heap
|
page read and write
|
||
|
48C000
|
unkown
|
page readonly
|
||
|
36110000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
35F50000
|
trusted library allocation
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
395D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
35F0E000
|
trusted library allocation
|
page read and write
|
||
|
38E7A000
|
heap
|
page read and write
|
||
|
5AA6000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
2B10000
|
direct allocation
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
5AA9000
|
heap
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
35F50000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
48C000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page read and write
|
||
|
705B1000
|
unkown
|
page execute read
|
||
|
38530000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
36110000
|
trusted library allocation
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
38E77000
|
heap
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
35B90000
|
heap
|
page read and write
|
||
|
5E30000
|
heap
|
page read and write
|
||
|
392B0000
|
trusted library allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
392B8000
|
trusted library allocation
|
page read and write
|
||
|
94000
|
trusted library allocation
|
page read and write
|
||
|
492000
|
unkown
|
page readonly
|
||
|
35F50000
|
trusted library allocation
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
36130000
|
remote allocation
|
page read and write
|
||
|
38D90000
|
heap
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
3918E000
|
stack
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
5EE7000
|
heap
|
page read and write
|
||
|
35EF0000
|
trusted library allocation
|
page read and write
|
||
|
5A65000
|
heap
|
page read and write
|
||
|
38F0D000
|
unkown
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
74056000
|
unkown
|
page readonly
|
||
|
36110000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
36130000
|
trusted library allocation
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
38C4C000
|
stack
|
page read and write
|
||
|
ADF000
|
stack
|
page read and write
|
||
|
492000
|
unkown
|
page readonly
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
392D0000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
B2000
|
trusted library allocation
|
page read and write
|
||
|
236E000
|
stack
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
38E0F000
|
heap
|
page read and write
|
||
|
487000
|
unkown
|
page readonly
|
||
|
39291000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
39600000
|
trusted library allocation
|
page read and write
|
||
|
39330000
|
trusted library allocation
|
page read and write
|
||
|
38DDD000
|
heap
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
38542000
|
trusted library allocation
|
page read and write
|
||
|
5EA0000
|
direct allocation
|
page read and write
|
||
|
35F40000
|
trusted library allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
392C0000
|
trusted library allocation
|
page read and write
|
||
|
3836E000
|
stack
|
page read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
35F1D000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
72C000
|
heap
|
page read and write
|
||
|
9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
487000
|
unkown
|
page readonly
|
||
|
36130000
|
remote allocation
|
page read and write
|
||
|
48C000
|
unkown
|
page readonly
|
||
|
487000
|
unkown
|
page readonly
|
||
|
280E000
|
stack
|
page read and write
|
||
|
35F50000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
heap
|
page read and write
|
||
|
7009000
|
direct allocation
|
page execute and read and write
|
||
|
38DA6000
|
heap
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
35F40000
|
trusted library allocation
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
395D0000
|
trusted library allocation
|
page read and write
|
||
|
4039000
|
remote allocation
|
page execute and read and write
|
||
|
CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
76C0000
|
direct allocation
|
page read and write
|
||
|
39310000
|
heap
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
2AB0000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
492000
|
unkown
|
page readonly
|
||
|
93000
|
trusted library allocation
|
page execute and read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
36140000
|
heap
|
page execute and read and write
|
||
|
362A7000
|
trusted library allocation
|
page read and write
|
||
|
5A2E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
C2000
|
trusted library allocation
|
page read and write
|
||
|
38B4C000
|
stack
|
page read and write
|
||
|
492000
|
unkown
|
page readonly
|
||
|
395D0000
|
trusted library allocation
|
page read and write
|
||
|
39290000
|
trusted library allocation
|
page read and write
|
||
|
2AF0000
|
direct allocation
|
page read and write
|
||
|
3928F000
|
stack
|
page read and write
|
||
|
39600000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
direct allocation
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
35F50000
|
trusted library allocation
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
395F0000
|
trusted library allocation
|
page read and write
|
||
|
36110000
|
trusted library allocation
|
page read and write
|
||
|
B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
39310000
|
trusted library allocation
|
page read and write
|
||
|
39314000
|
heap
|
page read and write
|
||
|
38E76000
|
heap
|
page read and write
|
||
|
7405F000
|
unkown
|
page readonly
|
||
|
35F16000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
unkown
|
page readonly
|
||
|
487000
|
unkown
|
page readonly
|
||
|
457000
|
unkown
|
page read and write
|
||
|
CA5000
|
heap
|
page read and write
|
||
|
2AC0000
|
direct allocation
|
page read and write
|
||
|
38550000
|
heap
|
page read and write
|
||
|
76D0000
|
direct allocation
|
page read and write
|
||
|
474000
|
unkown
|
page readonly
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
remote allocation
|
page execute and read and write
|
||
|
36110000
|
trusted library allocation
|
page read and write
|
||
|
392E1000
|
trusted library allocation
|
page read and write
|
||
|
3630E000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
72F000
|
heap
|
page read and write
|
||
|
3900F000
|
stack
|
page read and write
|
||
|
2B40000
|
direct allocation
|
page read and write
|
||
|
15C000
|
stack
|
page read and write
|
||
|
35F30000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
5A8A000
|
heap
|
page read and write
|
||
|
362BD000
|
trusted library allocation
|
page read and write
|
||
|
39320000
|
trusted library allocation
|
page read and write
|
||
|
49D000
|
unkown
|
page readonly
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
38E70000
|
heap
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
35EFE000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
C80000
|
heap
|
page read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
39300000
|
trusted library allocation
|
page execute and read and write
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
362B0000
|
trusted library allocation
|
page read and write
|
||
|
5EE0000
|
heap
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
5A3D000
|
heap
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
59FE000
|
heap
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
4809000
|
direct allocation
|
page execute and read and write
|
||
|
36120000
|
trusted library allocation
|
page read and write
|
||
|
35EFB000
|
trusted library allocation
|
page read and write
|
||
|
C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
38543000
|
trusted library allocation
|
page read and write
|
||
|
392C0000
|
trusted library allocation
|
page read and write
|
||
|
59B8000
|
heap
|
page read and write
|
||
|
497000
|
unkown
|
page readonly
|
||
|
38542000
|
trusted library allocation
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
unkown
|
page read and write
|
||
|
5BAF000
|
stack
|
page read and write
|
||
|
59DF000
|
heap
|
page read and write
|
||
|
10E000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
600000
|
heap
|
page read and write
|
||
|
38E6D000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
180000
|
trusted library allocation
|
page read and write
|
||
|
36130000
|
remote allocation
|
page read and write
|
||
|
39311000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
392E0000
|
trusted library allocation
|
page read and write
|
||
|
497000
|
unkown
|
page readonly
|
||
|
497000
|
unkown
|
page readonly
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
74040000
|
unkown
|
page readonly
|
||
|
392C0000
|
trusted library allocation
|
page read and write
|
||
|
36150000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
38540000
|
trusted library allocation
|
page read and write
|
||
|
35EEA000
|
stack
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
395E0000
|
trusted library allocation
|
page read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
36130000
|
trusted library allocation
|
page read and write
|
||
|
395D0000
|
trusted library allocation
|
page read and write
|
||
|
36116000
|
trusted library allocation
|
page read and write
|
||
|
35A30000
|
trusted library allocation
|
page read and write
|
There are 439 hidden memdumps, click here to show them.