Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
MemProfilerInstaller5_7_28.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\.NET_Memory_Profiler_5.7_20240524002121.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1028\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1029\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1030\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1031\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1032\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1035\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1036\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1038\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1040\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1041\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1042\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1043\mbapreq.wxl
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1044\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1045\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1046\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1049\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1051\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1053\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1055\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\1060\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\2052\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\2070\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\3082\mbapreq.wxl
|
XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\BootstrapperApplicationData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (577), with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\BootstrapperCore.config
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\BootstrapperCore.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\MemProfilerBootstrapper.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\Microsoft.Deployment.WindowsInstaller.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\mbahost.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\mbapreq.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\mbapreq.png
|
PNG image data, 63 x 63, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\mbapreq.thm
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{2CFE9258-2647-47E2-8C0C-66233E78E1BF}\.ba\mbapreq.wxl
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\{E6BCEB9A-789C-4B61-A31A-88AF3D699066}\.cr\MemProfilerInstaller5_7_28.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 26 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\MemProfilerInstaller5_7_28.exe
|
"C:\Users\user\Desktop\MemProfilerInstaller5_7_28.exe"
|
||
|
C:\Windows\Temp\{E6BCEB9A-789C-4B61-A31A-88AF3D699066}\.cr\MemProfilerInstaller5_7_28.exe
|
"C:\Windows\Temp\{E6BCEB9A-789C-4B61-A31A-88AF3D699066}\.cr\MemProfilerInstaller5_7_28.exe" -burn.clean.room="C:\Users\user\Desktop\MemProfilerInstaller5_7_28.exe"
-burn.filehandle.attached=544 -burn.filehandle.self=536
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://memprofiler.com/eula
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://memprofiler.com
|
unknown
|
||
|
http://wixtoolset.org/releases/
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://appsyndication.org/2006/appsynapplicationc:
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://wixtoolset.org
|
unknown
|
||
|
http://wixtoolset.org/schemas/thmutil/2010
|
unknown
|
||
|
https://memprofiler.com/eula;Failed
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
http://wixtoolset.org/Whttp://wixtoolset.org/telemetry/v
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
|
unknown
|
||
|
http://defaultcontainer/MemProfilerBootstrapper;component/views/wizardheadercontrol.xamld
|
unknown
|
||
|
http://wixtoolset.org/
|
unknown
|
||
|
http://wixtoolset.org/telemetry/v
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
http://wixtoolset.org/news/
|
unknown
|
||
|
http://wixtoolset.org/releases/SCreating
|
unknown
|
||
|
http://appsyndication.org/2006/appsyn
|
unknown
|
There are 12 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A1E7000
|
heap
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
7EEC0000
|
trusted library allocation
|
page readonly
|
||
|
AC60000
|
trusted library allocation
|
page read and write
|
||
|
664D000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page execute and read and write
|
||
|
941000
|
heap
|
page read and write
|
||
|
A377000
|
heap
|
page read and write
|
||
|
6648000
|
heap
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
7EEDB000
|
trusted library allocation
|
page readonly
|
||
|
735000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
AEF8000
|
heap
|
page read and write
|
||
|
65D8000
|
heap
|
page read and write
|
||
|
A080000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
65CF000
|
heap
|
page read and write
|
||
|
862000
|
heap
|
page read and write
|
||
|
AC79000
|
trusted library allocation
|
page read and write
|
||
|
A1F3000
|
heap
|
page read and write
|
||
|
6CBD0000
|
unkown
|
page readonly
|
||
|
9FF000
|
heap
|
page read and write
|
||
|
A273000
|
heap
|
page read and write
|
||
|
561000
|
unkown
|
page execute read
|
||
|
5C10000
|
heap
|
page execute and read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
6468000
|
stack
|
page read and write
|
||
|
5CD000
|
unkown
|
page readonly
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
664F000
|
heap
|
page read and write
|
||
|
A1DF000
|
heap
|
page read and write
|
||
|
AC84000
|
trusted library allocation
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
64B9000
|
heap
|
page read and write
|
||
|
6648000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
AC81000
|
trusted library allocation
|
page read and write
|
||
|
7EEC3000
|
trusted library allocation
|
page execute read
|
||
|
18A000
|
unkown
|
page read and write
|
||
|
A0A0000
|
trusted library allocation
|
page read and write
|
||
|
ADED000
|
heap
|
page read and write
|
||
|
2680000
|
heap
|
page read and write
|
||
|
934000
|
heap
|
page read and write
|
||
|
616000
|
heap
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
65C4000
|
heap
|
page read and write
|
||
|
AE06000
|
heap
|
page read and write
|
||
|
18A000
|
unkown
|
page write copy
|
||
|
A1FF000
|
heap
|
page read and write
|
||
|
A2E2000
|
heap
|
page read and write
|
||
|
AD73000
|
heap
|
page read and write
|
||
|
AD94000
|
heap
|
page read and write
|
||
|
A2B0000
|
heap
|
page read and write
|
||
|
AC7E000
|
trusted library allocation
|
page read and write
|
||
|
A1E7000
|
heap
|
page read and write
|
||
|
AD66000
|
heap
|
page read and write
|
||
|
A270000
|
heap
|
page read and write
|
||
|
AB60000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
64BE000
|
heap
|
page read and write
|
||
|
ADDB000
|
heap
|
page read and write
|
||
|
65D8000
|
heap
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
A4F0000
|
heap
|
page read and write
|
||
|
64C3000
|
heap
|
page read and write
|
||
|
AD60000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
AB60000
|
trusted library allocation
|
page read and write
|
||
|
A4D7000
|
heap
|
page read and write
|
||
|
816000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
3103000
|
heap
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
AB60000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
9F1000
|
heap
|
page read and write
|
||
|
9D8000
|
heap
|
page read and write
|
||
|
5AA000
|
unkown
|
page readonly
|
||
|
28A0000
|
trusted library section
|
page read and write
|
||
|
9EF000
|
heap
|
page read and write
|
||
|
A2B0000
|
heap
|
page read and write
|
||
|
A050000
|
trusted library allocation
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
7BC000
|
heap
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
A205000
|
heap
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page read and write
|
||
|
6088000
|
stack
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
AD86000
|
heap
|
page read and write
|
||
|
AE6D000
|
heap
|
page read and write
|
||
|
2A70000
|
trusted library allocation
|
page read and write
|
||
|
9B8000
|
heap
|
page read and write
|
||
|
A493000
|
heap
|
page read and write
|
||
|
6656000
|
heap
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page read and write
|
||
|
6690000
|
trusted library allocation
|
page read and write
|
||
|
AD73000
|
heap
|
page read and write
|
||
|
65EB000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
AF56000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
A2B0000
|
heap
|
page read and write
|
||
|
A510000
|
heap
|
page read and write
|
||
|
AC88000
|
trusted library allocation
|
page read and write
|
||
|
7EED0000
|
trusted library allocation
|
page execute read
|
||
|
A360000
|
trusted library allocation
|
page read and write
|
||
|
7EEC1000
|
trusted library allocation
|
page execute read
|
||
|
560000
|
unkown
|
page readonly
|
||
|
18D000
|
unkown
|
page readonly
|
||
|
A20C000
|
heap
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
ADF6000
|
heap
|
page read and write
|
||
|
2B10000
|
trusted library allocation
|
page read and write
|
||
|
64C3000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
ADA1000
|
heap
|
page read and write
|
||
|
6480000
|
heap
|
page read and write
|
||
|
A1DF000
|
heap
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
A276000
|
heap
|
page read and write
|
||
|
A0E0000
|
trusted library allocation
|
page read and write
|
||
|
A1F3000
|
heap
|
page read and write
|
||
|
30D2000
|
unkown
|
page readonly
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
6570000
|
heap
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
A21A000
|
heap
|
page read and write
|
||
|
65B5000
|
heap
|
page read and write
|
||
|
18D000
|
unkown
|
page readonly
|
||
|
2A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
278A000
|
heap
|
page read and write
|
||
|
7EEF8000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
6CBE4000
|
unkown
|
page readonly
|
||
|
6621000
|
heap
|
page read and write
|
||
|
A1E7000
|
heap
|
page read and write
|
||
|
28E4000
|
trusted library allocation
|
page read and write
|
||
|
2A55000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EED1000
|
trusted library allocation
|
page readonly
|
||
|
9F1000
|
heap
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
664C000
|
heap
|
page read and write
|
||
|
AEB4000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
6645000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
6582000
|
heap
|
page read and write
|
||
|
A070000
|
trusted library allocation
|
page read and write
|
||
|
AE21000
|
heap
|
page read and write
|
||
|
7EED6000
|
trusted library allocation
|
page execute read
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
A20C000
|
heap
|
page read and write
|
||
|
6658000
|
heap
|
page read and write
|
||
|
7EED4000
|
trusted library allocation
|
page execute read
|
||
|
A402000
|
heap
|
page read and write
|
||
|
ADE0000
|
heap
|
page read and write
|
||
|
64B1000
|
heap
|
page read and write
|
||
|
6645000
|
heap
|
page read and write
|
||
|
618E000
|
stack
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
A552000
|
trusted library allocation
|
page read and write
|
||
|
6CBEC000
|
unkown
|
page read and write
|
||
|
A1FF000
|
heap
|
page read and write
|
||
|
A070000
|
trusted library allocation
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
6674000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
64BE000
|
heap
|
page read and write
|
||
|
6658000
|
heap
|
page read and write
|
||
|
A21A000
|
heap
|
page read and write
|
||
|
659B000
|
heap
|
page read and write
|
||
|
64B9000
|
heap
|
page read and write
|
||
|
1DC000
|
stack
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page read and write
|
||
|
AC6F000
|
trusted library allocation
|
page read and write
|
||
|
A070000
|
trusted library allocation
|
page read and write
|
||
|
A350000
|
trusted library allocation
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page execute and read and write
|
||
|
939000
|
heap
|
page read and write
|
||
|
7EEDC000
|
trusted library allocation
|
page execute read
|
||
|
2A57000
|
trusted library allocation
|
page execute and read and write
|
||
|
937000
|
heap
|
page read and write
|
||
|
A255000
|
heap
|
page read and write
|
||
|
2670000
|
unkown
|
page read and write
|
||
|
A520000
|
trusted library allocation
|
page read and write
|
||
|
9F1000
|
heap
|
page read and write
|
||
|
AB60000
|
trusted library allocation
|
page read and write
|
||
|
5CA000
|
unkown
|
page write copy
|
||
|
9E9000
|
heap
|
page read and write
|
||
|
A253000
|
heap
|
page read and write
|
||
|
6626000
|
heap
|
page read and write
|
||
|
30D0000
|
unkown
|
page readonly
|
||
|
560000
|
unkown
|
page readonly
|
||
|
48B000
|
stack
|
page read and write
|
||
|
660C000
|
heap
|
page read and write
|
||
|
A26C000
|
heap
|
page read and write
|
||
|
3911000
|
trusted library allocation
|
page read and write
|
||
|
A040000
|
trusted library allocation
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
28D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
65CF000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
AC60000
|
trusted library allocation
|
page read and write
|
||
|
76A000
|
heap
|
page read and write
|
||
|
AD60000
|
heap
|
page read and write
|
||
|
AF4D000
|
heap
|
page read and write
|
||
|
7EED9000
|
trusted library allocation
|
page readonly
|
||
|
A205000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
A340000
|
trusted library allocation
|
page read and write
|
||
|
121000
|
unkown
|
page execute read
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
8EC000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
6621000
|
heap
|
page read and write
|
||
|
AF46000
|
heap
|
page read and write
|
||
|
AD86000
|
heap
|
page read and write
|
||
|
6470000
|
heap
|
page read and write
|
||
|
AF31000
|
heap
|
page read and write
|
||
|
A090000
|
trusted library allocation
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
636C000
|
stack
|
page read and write
|
||
|
ADF3000
|
heap
|
page read and write
|
||
|
6648000
|
heap
|
page read and write
|
||
|
ADE6000
|
heap
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
A40A000
|
heap
|
page read and write
|
||
|
7EED2000
|
trusted library allocation
|
page execute read
|
||
|
A2E2000
|
heap
|
page read and write
|
||
|
A130000
|
heap
|
page read and write
|
||
|
A0A0000
|
trusted library allocation
|
page read and write
|
||
|
A040000
|
trusted library allocation
|
page read and write
|
||
|
2AE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD76000
|
heap
|
page read and write
|
||
|
5C27000
|
heap
|
page execute and read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
64B1000
|
heap
|
page read and write
|
||
|
A138000
|
heap
|
page read and write
|
||
|
9D3000
|
heap
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
5AA000
|
unkown
|
page readonly
|
||
|
A2E2000
|
heap
|
page read and write
|
||
|
A1B2000
|
heap
|
page read and write
|
||
|
5BF4000
|
trusted library allocation
|
page read and write
|
||
|
A25C000
|
heap
|
page read and write
|
||
|
6641000
|
heap
|
page read and write
|
||
|
28DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD76000
|
heap
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
A4D5000
|
heap
|
page read and write
|
||
|
A25F000
|
heap
|
page read and write
|
||
|
2A52000
|
trusted library allocation
|
page read and write
|
||
|
AC6E000
|
trusted library allocation
|
page read and write
|
||
|
A26C000
|
heap
|
page read and write
|
||
|
4915000
|
trusted library allocation
|
page read and write
|
||
|
A330000
|
trusted library allocation
|
page read and write
|
||
|
120000
|
unkown
|
page readonly
|
||
|
65EB000
|
heap
|
page read and write
|
||
|
6656000
|
heap
|
page read and write
|
||
|
AF40000
|
heap
|
page read and write
|
||
|
2ABD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BEB000
|
stack
|
page read and write
|
||
|
28D4000
|
trusted library allocation
|
page read and write
|
||
|
AB60000
|
trusted library allocation
|
page read and write
|
||
|
5C00000
|
heap
|
page read and write
|
||
|
9FF000
|
heap
|
page read and write
|
||
|
A030000
|
trusted library allocation
|
page read and write
|
||
|
AD66000
|
heap
|
page read and write
|
||
|
AB60000
|
trusted library allocation
|
page read and write
|
||
|
AC60000
|
trusted library allocation
|
page read and write
|
||
|
AF53000
|
heap
|
page read and write
|
||
|
A253000
|
heap
|
page read and write
|
||
|
AC77000
|
trusted library allocation
|
page read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
2AD0000
|
trusted library allocation
|
page read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
AD6D000
|
heap
|
page read and write
|
||
|
A330000
|
trusted library allocation
|
page read and write
|
||
|
A255000
|
heap
|
page read and write
|
||
|
A520000
|
trusted library allocation
|
page read and write
|
||
|
5C20000
|
heap
|
page execute and read and write
|
||
|
2AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A266000
|
heap
|
page read and write
|
||
|
A330000
|
trusted library allocation
|
page read and write
|
||
|
5918000
|
trusted library allocation
|
page read and write
|
||
|
16A000
|
unkown
|
page readonly
|
||
|
A20C000
|
heap
|
page read and write
|
||
|
5CD000
|
unkown
|
page readonly
|
||
|
A205000
|
heap
|
page read and write
|
||
|
A080000
|
trusted library allocation
|
page read and write
|
||
|
AE1F000
|
heap
|
page read and write
|
||
|
7EEDA000
|
trusted library allocation
|
page execute read
|
||
|
743000
|
heap
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
6CBEE000
|
unkown
|
page readonly
|
||
|
657D000
|
heap
|
page read and write
|
||
|
A253000
|
heap
|
page read and write
|
||
|
A3BE000
|
heap
|
page read and write
|
||
|
AE27000
|
heap
|
page read and write
|
||
|
6626000
|
heap
|
page read and write
|
||
|
A255000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
30E4000
|
unkown
|
page readonly
|
||
|
664C000
|
heap
|
page read and write
|
||
|
AF61000
|
heap
|
page read and write
|
||
|
6576000
|
heap
|
page read and write
|
||
|
662C000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
4924000
|
trusted library allocation
|
page read and write
|
||
|
AF00000
|
heap
|
page read and write
|
||
|
AA2C000
|
stack
|
page read and write
|
||
|
A354000
|
trusted library allocation
|
page read and write
|
||
|
A273000
|
heap
|
page read and write
|
||
|
6611000
|
heap
|
page read and write
|
||
|
AD6D000
|
heap
|
page read and write
|
||
|
65AB000
|
heap
|
page read and write
|
||
|
662C000
|
heap
|
page read and write
|
||
|
AC7C000
|
trusted library allocation
|
page read and write
|
||
|
893000
|
heap
|
page read and write
|
||
|
7EEDD000
|
trusted library allocation
|
page readonly
|
||
|
A60000
|
heap
|
page read and write
|
||
|
A2E2000
|
heap
|
page read and write
|
||
|
5BF4000
|
trusted library allocation
|
page read and write
|
||
|
9DF000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
121000
|
unkown
|
page execute read
|
||
|
6680000
|
trusted library allocation
|
page read and write
|
||
|
A69000
|
heap
|
page read and write
|
||
|
A060000
|
trusted library allocation
|
page read and write
|
||
|
6CBD1000
|
unkown
|
page execute read
|
||
|
AC60000
|
trusted library allocation
|
page read and write
|
||
|
7CF000
|
heap
|
page read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
264C000
|
stack
|
page read and write
|
||
|
AC60000
|
trusted library allocation
|
page read and write
|
||
|
A44C000
|
heap
|
page read and write
|
||
|
ADD0000
|
heap
|
page read and write
|
||
|
A259000
|
heap
|
page read and write
|
||
|
6596000
|
heap
|
page read and write
|
||
|
6606000
|
heap
|
page read and write
|
||
|
A21A000
|
heap
|
page read and write
|
||
|
A0B0000
|
trusted library allocation
|
page read and write
|
||
|
2AE9000
|
trusted library allocation
|
page execute and read and write
|
||
|
6670000
|
trusted library allocation
|
page read and write
|
||
|
A520000
|
trusted library allocation
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
A070000
|
trusted library allocation
|
page read and write
|
||
|
2890000
|
trusted library section
|
page read and write
|
||
|
5F32000
|
unkown
|
page readonly
|
||
|
A0C0000
|
trusted library allocation
|
page read and write
|
||
|
16A000
|
unkown
|
page readonly
|
||
|
A020000
|
trusted library allocation
|
page read and write
|
||
|
38C000
|
stack
|
page read and write
|
||
|
A2B0000
|
heap
|
page read and write
|
||
|
64B4000
|
heap
|
page read and write
|
||
|
5F30000
|
unkown
|
page readonly
|
||
|
64B9000
|
heap
|
page read and write
|
||
|
7EED8000
|
trusted library allocation
|
page execute read
|
||
|
9EF000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
ADD0000
|
heap
|
page read and write
|
||
|
A266000
|
heap
|
page read and write
|
||
|
702000
|
heap
|
page read and write
|
||
|
6656000
|
heap
|
page read and write
|
||
|
4911000
|
trusted library allocation
|
page read and write
|
||
|
AE58000
|
heap
|
page read and write
|
||
|
120000
|
unkown
|
page readonly
|
||
|
9E9000
|
heap
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
7EEDE000
|
trusted library allocation
|
page execute read
|
||
|
5CA000
|
unkown
|
page read and write
|
||
|
A060000
|
trusted library allocation
|
page read and write
|
||
|
64B4000
|
heap
|
page read and write
|
||
|
A040000
|
trusted library allocation
|
page read and write
|
||
|
664C000
|
heap
|
page read and write
|
||
|
A4DF000
|
heap
|
page read and write
|
||
|
A350000
|
trusted library allocation
|
page read and write
|
||
|
7EEE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F2C000
|
stack
|
page read and write
|
||
|
7B3000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
9EF000
|
heap
|
page read and write
|
||
|
6645000
|
heap
|
page read and write
|
||
|
65B1000
|
heap
|
page read and write
|
||
|
A66000
|
heap
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
304F000
|
stack
|
page read and write
|
||
|
65C4000
|
heap
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
7EED5000
|
trusted library allocation
|
page readonly
|
||
|
6611000
|
heap
|
page read and write
|
||
|
4F8000
|
stack
|
page read and write
|
||
|
561000
|
unkown
|
page execute read
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
664C000
|
heap
|
page read and write
|
||
|
A090000
|
trusted library allocation
|
page read and write
|
||
|
64AF000
|
heap
|
page read and write
|
||
|
2A5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6606000
|
heap
|
page read and write
|
||
|
648F000
|
heap
|
page read and write
|
||
|
A080000
|
trusted library allocation
|
page read and write
|
||
|
3AE4000
|
trusted library allocation
|
page read and write
|
||
|
702000
|
heap
|
page read and write
|
||
|
A266000
|
heap
|
page read and write
|
||
|
9FF000
|
heap
|
page read and write
|
||
|
AEF6000
|
heap
|
page read and write
|
||
|
8A9000
|
heap
|
page read and write
|
||
|
92E000
|
heap
|
page read and write
|
||
|
932000
|
heap
|
page read and write
|
||
|
6658000
|
heap
|
page read and write
|
||
|
AD80000
|
heap
|
page read and write
|
||
|
A276000
|
heap
|
page read and write
|
||
|
A400000
|
heap
|
page read and write
|
||
|
6658000
|
heap
|
page read and write
|
||
|
64B3000
|
heap
|
page read and write
|
||
|
A1FF000
|
heap
|
page read and write
|
||
|
A43B000
|
heap
|
page read and write
|
||
|
AC7A000
|
trusted library allocation
|
page read and write
|
||
|
28C0000
|
heap
|
page read and write
|
||
|
A360000
|
trusted library allocation
|
page read and write
|
||
|
A030000
|
trusted library allocation
|
page read and write
|
||
|
A1DF000
|
heap
|
page read and write
|
||
|
5F88000
|
stack
|
page read and write
|
||
|
AE1D000
|
heap
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
A28000
|
stack
|
page read and write
|
||
|
A36E000
|
stack
|
page read and write
|
||
|
A020000
|
trusted library allocation
|
page read and write
|
||
|
AF67000
|
heap
|
page read and write
|
||
|
2AE3000
|
trusted library allocation
|
page read and write
|
||
|
64BE000
|
heap
|
page read and write
|
||
|
A19E000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
660C000
|
heap
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
A270000
|
heap
|
page read and write
|
||
|
5E2C000
|
stack
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
64AE000
|
heap
|
page read and write
|
There are 448 hidden memdumps, click here to show them.