Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
notepad.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\notepad.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\969f98392400891a1a1da27da68a2a1d.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\notepad.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\notepad.exe
|
"C:\Users\user\Desktop\notepad.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\notepad.exe
|
"C:\Users\user\AppData\Local\Temp\notepad.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\notepad.exe" "notepad.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Local\Temp\notepad.exe
|
"C:\Users\user\AppData\Local\Temp\notepad.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\notepad.exe
|
"C:\Users\user\AppData\Local\Temp\notepad.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\notepad.exe
|
"C:\Users\user\AppData\Local\Temp\notepad.exe" ..
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
10.9.203.254
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
10.9.203.254
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
969f98392400891a1a1da27da68a2a1d
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
969f98392400891a1a1da27da68a2a1d
|
||
|
HKEY_CURRENT_USER\SOFTWARE\969f98392400891a1a1da27da68a2a1d
|
[kl]
|
||
|
HKEY_CURRENT_USER\SOFTWARE\969f98392400891a1a1da27da68a2a1d
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
52000
|
unkown
|
page readonly
|
|
|
|
3021000
|
trusted library allocation
|
page read and write
|
|
|
|
26A1000
|
trusted library allocation
|
page read and write
|
|
|
|
ACD000
|
heap
|
page read and write
|
||
|
B2E000
|
heap
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
1047000
|
trusted library allocation
|
page execute and read and write
|
||
|
1130000
|
heap
|
page execute and read and write
|
||
|
9C0000
|
heap
|
page execute and read and write
|
||
|
B9E000
|
heap
|
page read and write
|
||
|
10C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
1082000
|
trusted library allocation
|
page execute and read and write
|
||
|
52AF000
|
stack
|
page read and write
|
||
|
110E000
|
heap
|
page read and write
|
||
|
101B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
1010000
|
heap
|
page execute and read and write
|
||
|
C22000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
A41000
|
heap
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
A7F000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
AD6000
|
heap
|
page read and write
|
||
|
1032000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
2ED1000
|
trusted library allocation
|
page read and write
|
||
|
126F000
|
trusted library allocation
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
FE2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
62A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1110000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
103A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
521C000
|
stack
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
636000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD2000
|
trusted library allocation
|
page execute and read and write
|
||
|
C05000
|
heap
|
page read and write
|
||
|
CAE000
|
heap
|
page read and write
|
||
|
ABF000
|
heap
|
page read and write
|
||
|
ADA000
|
heap
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
57D000
|
stack
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
1092000
|
trusted library allocation
|
page execute and read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
508C000
|
stack
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
AD9000
|
heap
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
A5B000
|
stack
|
page read and write
|
||
|
10BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC3000
|
heap
|
page read and write
|
||
|
AC7000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
1129000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
ADD000
|
heap
|
page read and write
|
||
|
A77000
|
heap
|
page read and write
|
||
|
B22000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
A77000
|
heap
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
1096000
|
trusted library allocation
|
page execute and read and write
|
||
|
ACD000
|
heap
|
page read and write
|
||
|
100A000
|
trusted library allocation
|
page execute and read and write
|
||
|
676000
|
heap
|
page read and write
|
||
|
BB4000
|
heap
|
page read and write
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
48F0000
|
heap
|
page read and write
|
||
|
518C000
|
stack
|
page read and write
|
||
|
AC5000
|
heap
|
page read and write
|
||
|
CC4000
|
heap
|
page read and write
|
||
|
B56000
|
stack
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1042000
|
trusted library allocation
|
page read and write
|
||
|
50E2000
|
heap
|
page read and write
|
||
|
10A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
541E000
|
stack
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
4B4E000
|
stack
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
10B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F0F000
|
stack
|
page read and write
|
||
|
AC7000
|
heap
|
page read and write
|
||
|
1E6000
|
stack
|
page read and write
|
||
|
ACA000
|
heap
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
3D21000
|
trusted library allocation
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
ADA000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
B22000
|
heap
|
page read and write
|
||
|
51AE000
|
stack
|
page read and write
|
||
|
AC6000
|
heap
|
page read and write
|
||
|
A9D000
|
heap
|
page read and write
|
||
|
B27000
|
heap
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
8F4000
|
stack
|
page read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
B24000
|
heap
|
page read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
517C000
|
stack
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
1E9000
|
stack
|
page read and write
|
||
|
10EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC3000
|
heap
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
7FA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
110F000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
111E000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
B2A000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
50EC000
|
heap
|
page read and write
|
||
|
4FBE000
|
stack
|
page read and write
|
||
|
A7F000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
AD4000
|
heap
|
page read and write
|
||
|
50F9000
|
heap
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
1002000
|
trusted library allocation
|
page execute and read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
10AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A0E000
|
stack
|
page read and write
|
||
|
108A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
CAD000
|
stack
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
1103000
|
heap
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
952000
|
trusted library allocation
|
page execute and read and write
|
||
|
50EE000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
C2E000
|
stack
|
page read and write
|
||
|
13BC000
|
stack
|
page read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
106E000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
A9C000
|
heap
|
page read and write
|
||
|
FEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
ACA000
|
heap
|
page read and write
|
||
|
BFB000
|
heap
|
page read and write
|
||
|
4C8E000
|
stack
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
504E000
|
stack
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
545F000
|
stack
|
page read and write
|
||
|
A9C000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
FE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
10D6000
|
heap
|
page read and write
|
||
|
AE1000
|
heap
|
page read and write
|
||
|
A84000
|
heap
|
page read and write
|
||
|
AC2000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
1027000
|
trusted library allocation
|
page execute and read and write
|
||
|
3ED4000
|
trusted library allocation
|
page read and write
|
||
|
B59000
|
stack
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
3ED1000
|
trusted library allocation
|
page read and write
|
||
|
967000
|
trusted library allocation
|
page execute and read and write
|
||
|
B21000
|
heap
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
50FA000
|
heap
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
B6D000
|
unkown
|
page read and write
|
||
|
50EC000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
A9E000
|
heap
|
page read and write
|
||
|
10E7000
|
heap
|
page read and write
|
||
|
C42000
|
heap
|
page read and write
|
||
|
4B8E000
|
stack
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
6F5000
|
heap
|
page read and write
|
||
|
A7B000
|
heap
|
page read and write
|
||
|
10E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1260000
|
heap
|
page execute and read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
84F000
|
stack
|
page read and write
|
||
|
A5B000
|
stack
|
page read and write
|
||
|
104B000
|
trusted library allocation
|
page execute and read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
4021000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
102A000
|
trusted library allocation
|
page execute and read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
ACD000
|
heap
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
AD6000
|
heap
|
page read and write
|
||
|
1111000
|
heap
|
page read and write
|
||
|
50F8000
|
heap
|
page read and write
|
||
|
47EE000
|
stack
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
554E000
|
stack
|
page read and write
|
||
|
FF2000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BD000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1017000
|
trusted library allocation
|
page execute and read and write
|
||
|
50EC000
|
heap
|
page read and write
|
||
|
51DF000
|
stack
|
page read and write
|
||
|
610000
|
trusted library allocation
|
page read and write
|
||
|
78B000
|
stack
|
page read and write
|
||
|
AC1000
|
heap
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
51BB000
|
stack
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
ACE000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
51EE000
|
stack
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
B88000
|
heap
|
page read and write
|
||
|
136F000
|
trusted library allocation
|
page read and write
|
||
|
109D000
|
heap
|
page read and write
|
||
|
ABF000
|
heap
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
110A000
|
heap
|
page read and write
|
||
|
658000
|
heap
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page execute and read and write
|
||
|
B26000
|
heap
|
page read and write
|
||
|
B75000
|
heap
|
page read and write
|
||
|
C7D000
|
stack
|
page read and write
|
||
|
A77000
|
heap
|
page read and write
|
||
|
96B000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
A9D000
|
heap
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
46EE000
|
stack
|
page read and write
|
||
|
A7F000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
531F000
|
stack
|
page read and write
|
||
|
5258000
|
stack
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
94F000
|
stack
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
2EC1000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
A9C000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
B59000
|
stack
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
A9E000
|
heap
|
page read and write
|
||
|
483E000
|
stack
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
AC6000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
2D21000
|
trusted library allocation
|
page read and write
|
||
|
A3B000
|
heap
|
page read and write
|
||
|
68E000
|
heap
|
page read and write
|
||
|
B29000
|
heap
|
page read and write
|
||
|
5BB000
|
stack
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
10B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
504F000
|
stack
|
page read and write
|
||
|
109C000
|
trusted library allocation
|
page execute and read and write
|
||
|
A77000
|
heap
|
page read and write
|
||
|
FDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
10E4000
|
heap
|
page read and write
|
||
|
50EC000
|
heap
|
page read and write
|
||
|
F0F000
|
stack
|
page read and write
|
||
|
50E6000
|
heap
|
page read and write
|
||
|
36A1000
|
trusted library allocation
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
4A4D000
|
stack
|
page read and write
|
||
|
50000
|
unkown
|
page readonly
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A89000
|
heap
|
page read and write
|
||
|
AD6000
|
heap
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
AA3000
|
heap
|
page read and write
|
||
|
63A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
trusted library allocation
|
page read and write
|
||
|
508E000
|
stack
|
page read and write
|
||
|
C09000
|
heap
|
page read and write
|
||
|
50EE000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
3074000
|
trusted library allocation
|
page read and write
|
||
|
5900000
|
heap
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
A8A000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
A6A000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
36A4000
|
trusted library allocation
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
99A000
|
stack
|
page read and write
|
||
|
52C0000
|
unclassified section
|
page read and write
|
||
|
3D24000
|
trusted library allocation
|
page read and write
|
||
|
BEF000
|
heap
|
page read and write
|
||
|
EB000
|
stack
|
page read and write
|
||
|
3EC4000
|
trusted library allocation
|
page read and write
|
||
|
AC7000
|
heap
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
622000
|
trusted library allocation
|
page execute and read and write
|
||
|
C6E000
|
unkown
|
page read and write
|
||
|
1002000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D0000
|
heap
|
page execute and read and write
|
||
|
C4F000
|
heap
|
page read and write
|
||
|
ACD000
|
heap
|
page read and write
|
||
|
3EC1000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
FDF000
|
stack
|
page read and write
|
||
|
4F6F000
|
stack
|
page read and write
|
||
|
B2D000
|
heap
|
page read and write
|
||
|
B56000
|
stack
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
51D3000
|
heap
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
A7B000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
4DCE000
|
stack
|
page read and write
|
||
|
455000
|
heap
|
page read and write
|
||
|
AA3000
|
heap
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
50EC000
|
heap
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
A9F000
|
heap
|
page read and write
|
||
|
AD9000
|
heap
|
page read and write
|
||
|
A9F000
|
heap
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
12A8000
|
trusted library allocation
|
page read and write
|
||
|
A9C000
|
heap
|
page read and write
|
||
|
B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
48C0000
|
heap
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
E9F000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
502E000
|
stack
|
page read and write
|
||
|
ACD000
|
heap
|
page read and write
|
||
|
FA6000
|
heap
|
page read and write
|
||
|
4CCE000
|
stack
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
A8B000
|
heap
|
page read and write
|
||
|
632000
|
trusted library allocation
|
page execute and read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
106A000
|
heap
|
page read and write
|
||
|
DAE000
|
stack
|
page read and write
|
||
|
10B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
63C000
|
trusted library allocation
|
page execute and read and write
|
||
|
B2A000
|
heap
|
page read and write
|
||
|
540F000
|
stack
|
page read and write
|
||
|
95A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4047000
|
trusted library allocation
|
page read and write
|
||
|
10CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
52EE000
|
stack
|
page read and write
|
There are 447 hidden memdumps, click here to show them.