Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.BScope.TrojanPSW.Stealer.3956.28708.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Program Files (x86)\txt to epub converter\TXT to ePub converter.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows, AIN 2.x self-extracting archive
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\config.ini (copy)
|
Microsoft HTML Help Project
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\epubfiles\CCS\is-FSN7P.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\epubfiles\CCS\stylesheet.css (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\epubfiles\META-INF\container.xml (copy)
|
XML 1.0 document, ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\epubfiles\META-INF\is-OU0ID.tmp
|
XML 1.0 document, ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\epubfiles\is-4I22N.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\epubfiles\mimetype (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\is-736GC.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\is-BLQUI.tmp
|
Microsoft HTML Help Project
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\is-IAGUC.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows, AIN 2.x self-extracting archive
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\unins000.dat
|
InnoSetup Log TXT to ePub Converter {BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}, version 0x30, 2204 bytes, 301389\user, "C:\Program
Files (x86)\txt to epub converter"
|
dropped
|
||
|
C:\Program Files (x86)\txt to epub converter\unins000.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\txt to epub converter\TXT to ePub Converter.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Wed May 22 19:13:48 2024, mtime=Wed May 22 19:13:48 2024, atime=Fri Oct 18 00:01:10 2013, length=1288192, window=hide
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\txt to epub converter\Uninstall TXT to ePub Converter.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Wed May 22 19:13:48 2024, mtime=Wed May 22 19:13:48 2024, atime=Wed May 22 19:13:13 2024, length=717985, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-4PPEK.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-4PPEK.tmp\_isetup\_shfoldr.dll
|
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-V3QT6.tmp\SecuriteInfo.com.BScope.TrojanPSW.Stealer.3956.28708.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Stealer.3956.28708.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Stealer.3956.28708.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\is-V3QT6.tmp\SecuriteInfo.com.BScope.TrojanPSW.Stealer.3956.28708.tmp
|
"C:\Users\user\AppData\Local\Temp\is-V3QT6.tmp\SecuriteInfo.com.BScope.TrojanPSW.Stealer.3956.28708.tmp" /SL5="$203F2,492927,56832,C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Stealer.3956.28708.exe"
|
||
|
C:\Program Files (x86)\txt to epub converter\TXT to ePub converter.exe
|
"C:\Program Files (x86)\txt to epub converter\TXT to epub converter.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.idpf.org/2007/opf
|
unknown
|
||
|
http://www.innosetup.com/
|
unknown
|
||
|
http://www.remobjects.com/psU
|
unknown
|
||
|
http://www.epubforwindows.com/.
|
unknown
|
||
|
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
http://www.epubforwindows.com/
|
unknown
|
||
|
http://www.epubforwindows.com/buynow.htmU
|
unknown
|
||
|
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdline
|
unknown
|
||
|
http://www.epubforwindows.com
|
unknown
|
||
|
http://www.remobjects.com/ps
|
unknown
|
||
|
http://www.luckhan.com/
|
unknown
|
||
|
http://www.epubforwindows.com/buynow.htm
|
unknown
|
||
|
http://www.daisy.org/z3986/2005/ncx/
|
unknown
|
There are 3 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
Inno Setup: Setup Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
Inno Setup: App Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
Inno Setup: Icon Group
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
Inno Setup: User
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
Inno Setup: Selected Tasks
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
Inno Setup: Deselected Tasks
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
Inno Setup: Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
QuietUninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
MajorVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
MinorVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\txt2epub\MyPass
|
Date
|
There are 18 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2251000
|
direct allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
80D000
|
heap
|
page read and write
|
||
|
829000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page write copy
|
||
|
2248000
|
direct allocation
|
page read and write
|
||
|
495F000
|
stack
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
2360000
|
direct allocation
|
page read and write
|
||
|
2253000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
49A000
|
unkown
|
page write copy
|
||
|
27C0000
|
trusted library allocation
|
page read and write
|
||
|
46E000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
353E000
|
stack
|
page read and write
|
||
|
7E8000
|
heap
|
page read and write
|
||
|
847000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
411000
|
unkown
|
page readonly
|
||
|
81C000
|
heap
|
page read and write
|
||
|
4960000
|
heap
|
page read and write
|
||
|
4998000
|
heap
|
page read and write
|
||
|
2254000
|
direct allocation
|
page read and write
|
||
|
46A000
|
heap
|
page read and write
|
||
|
224C000
|
direct allocation
|
page read and write
|
||
|
223C000
|
direct allocation
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
32EF000
|
stack
|
page read and write
|
||
|
7FF000
|
heap
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
670000
|
direct allocation
|
page execute and read and write
|
||
|
4A61000
|
heap
|
page read and write
|
||
|
4998000
|
heap
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
847000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
224E000
|
direct allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
3540000
|
direct allocation
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
805000
|
heap
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
4A60000
|
heap
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
42C0000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
7EB000
|
heap
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
805000
|
heap
|
page read and write
|
||
|
773000
|
heap
|
page read and write
|
||
|
2218000
|
direct allocation
|
page read and write
|
||
|
2084000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7F8000
|
heap
|
page read and write
|
||
|
225B000
|
direct allocation
|
page read and write
|
||
|
2258000
|
direct allocation
|
page read and write
|
||
|
811000
|
heap
|
page read and write
|
||
|
80A000
|
heap
|
page read and write
|
||
|
208C000
|
direct allocation
|
page read and write
|
||
|
79A000
|
heap
|
page read and write
|
||
|
3100000
|
direct allocation
|
page read and write
|
||
|
6020000
|
direct allocation
|
page read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
7F3000
|
heap
|
page read and write
|
||
|
2254000
|
direct allocation
|
page read and write
|
||
|
4961000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
2249000
|
direct allocation
|
page read and write
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2228000
|
direct allocation
|
page read and write
|
||
|
4B60000
|
heap
|
page read and write
|
||
|
2395000
|
heap
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
4CF000
|
unkown
|
page write copy
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
4CF000
|
unkown
|
page read and write
|
||
|
49B000
|
unkown
|
page read and write
|
||
|
83B000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
2144000
|
direct allocation
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
2390000
|
heap
|
page read and write
|
||
|
220C000
|
direct allocation
|
page read and write
|
||
|
2200000
|
direct allocation
|
page read and write
|
||
|
2384000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
2360000
|
direct allocation
|
page read and write
|
||
|
21F5000
|
heap
|
page read and write
|
||
|
838000
|
heap
|
page read and write
|
||
|
832000
|
heap
|
page read and write
|
||
|
2250000
|
direct allocation
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
2249000
|
direct allocation
|
page read and write
|
||
|
2081000
|
direct allocation
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
7E4000
|
heap
|
page read and write
|
||
|
2094000
|
direct allocation
|
page read and write
|
||
|
224A000
|
direct allocation
|
page read and write
|
||
|
91000
|
stack
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
2090000
|
direct allocation
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2240000
|
direct allocation
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
2207000
|
direct allocation
|
page read and write
|
||
|
809000
|
heap
|
page read and write
|
||
|
224D000
|
direct allocation
|
page read and write
|
||
|
2074000
|
direct allocation
|
page read and write
|
||
|
2253000
|
direct allocation
|
page read and write
|
||
|
225B000
|
direct allocation
|
page read and write
|
||
|
224A000
|
direct allocation
|
page read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
223C000
|
direct allocation
|
page read and write
|
||
|
18E000
|
stack
|
page read and write
|
||
|
2234000
|
direct allocation
|
page read and write
|
||
|
2260000
|
direct allocation
|
page read and write
|
||
|
2258000
|
direct allocation
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
2258000
|
direct allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
224E000
|
direct allocation
|
page read and write
|
||
|
2244000
|
direct allocation
|
page read and write
|
||
|
40D000
|
unkown
|
page write copy
|
||
|
838000
|
heap
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
4DB000
|
unkown
|
page write copy
|
||
|
2088000
|
direct allocation
|
page read and write
|
||
|
2250000
|
direct allocation
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
224E000
|
direct allocation
|
page read and write
|
||
|
483000
|
heap
|
page read and write
|
||
|
2250000
|
direct allocation
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
2224000
|
direct allocation
|
page read and write
|
||
|
2258000
|
direct allocation
|
page read and write
|
||
|
80A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
430000
|
heap
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
411000
|
unkown
|
page readonly
|
||
|
2380000
|
heap
|
page read and write
|
||
|
819000
|
heap
|
page read and write
|
||
|
224B000
|
direct allocation
|
page read and write
|
||
|
2218000
|
direct allocation
|
page read and write
|
||
|
7EA000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
49D000
|
unkown
|
page write copy
|
||
|
815000
|
heap
|
page read and write
|
||
|
499000
|
unkown
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
82E000
|
heap
|
page read and write
|
||
|
225C000
|
direct allocation
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
224C000
|
direct allocation
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
2081000
|
direct allocation
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
2208000
|
direct allocation
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
21F9000
|
heap
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
2254000
|
direct allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
809000
|
heap
|
page read and write
|
||
|
2248000
|
direct allocation
|
page read and write
|
||
|
809000
|
heap
|
page read and write
|
||
|
2259000
|
direct allocation
|
page read and write
|
||
|
2256000
|
direct allocation
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
3100000
|
direct allocation
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
4962000
|
heap
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
4E0000
|
unkown
|
page readonly
|
||
|
818000
|
heap
|
page read and write
|
||
|
224C000
|
direct allocation
|
page read and write
|
||
|
499D000
|
heap
|
page read and write
|
||
|
4998000
|
heap
|
page read and write
|
||
|
34FF000
|
stack
|
page read and write
|
||
|
222C000
|
direct allocation
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
7D2000
|
heap
|
page read and write
|
||
|
2340000
|
direct allocation
|
page read and write
|
||
|
2258000
|
direct allocation
|
page read and write
|
||
|
2220000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page read and write
|
||
|
8A4000
|
heap
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
4A70000
|
heap
|
page read and write
|
||
|
7BB000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
2340000
|
direct allocation
|
page read and write
|
||
|
2248000
|
direct allocation
|
page read and write
|
||
|
730000
|
direct allocation
|
page execute and read and write
|
||
|
77F000
|
stack
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
499000
|
unkown
|
page write copy
|
||
|
223F000
|
direct allocation
|
page read and write
|
||
|
819000
|
heap
|
page read and write
|
||
|
7DB000
|
heap
|
page read and write
|
||
|
2247000
|
direct allocation
|
page read and write
|
||
|
7F7000
|
heap
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
2251000
|
direct allocation
|
page read and write
|
||
|
42B0000
|
trusted library allocation
|
page read and write
|
||
|
2070000
|
direct allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
818000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
79E000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
2399000
|
heap
|
page read and write
|
There are 232 hidden memdumps, click here to show them.