Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Android TV Tools v3_EN.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\ytmp\tmp9682.bat
|
DOS batch file, ISO-8859 text, with very long lines (309), with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x7fce232b, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_egiulgnn.r1p.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qoepv1jm.3w0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t4uk5vgg.x3g.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_utelv5le.g33.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ytmp\tmp5972.exe
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\Android TV Tools - Aux Files\BIT8DD.tmp
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Desktop\Android TV Tools - Aux Files\cmdmax.exe (copy)
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Android TV Tools v3_EN.exe
|
"C:\Users\user\Desktop\Android TV Tools v3_EN.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c if not exist "C:\Users\user\AppData\Local\Temp\afolder" mkdir "C:\Users\user\AppData\Local\Temp\afolder"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c if not exist "C:\Users\user\AppData\Local\Temp\ytmp" mkdir "C:\Users\user\AppData\Local\Temp\ytmp"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c attrib +h C:\Users\user\AppData\Local\Temp\ytmp
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c if exist "C:\Users\user\AppData\Local\Temp\ytmp\tmp9682.bat" del "C:\Users\user\AppData\Local\Temp\ytmp\tmp9682.bat"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c if exist "C:\Users\user\AppData\Local\Temp\ytmp\tmp5972.exe" del "C:\Users\user\AppData\Local\Temp\ytmp\tmp5972.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c C:\Users\user\AppData\Local\Temp\ytmp\tmp9682.bat "C:\Users\user\Desktop\Android TV Tools v3_EN.exe"
|
|
|
|
C:\Windows\SysWOW64\PING.EXE
|
ping google.com -n 1
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "Start-bitsTransfer -Source https://github.com/tenox7/cmdmax/releases/download/2.0/cmdmax-x86.exe -Destination
'Android TV Tools - Aux Files\cmdmax.exe'"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Users\user\Desktop\Android TV Tools - Aux Files\cmdmax.exe
|
"Android TV Tools - Aux Files\cmdmax.exe" 20 234 120 31 120 9999
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\attrib.exe
|
attrib +h C:\Users\user\AppData\Local\Temp\ytmp
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/tenox7/cmdmax/releases/download/2.0/cmdmax-x86.exe
|
140.82.121.3
|
|
|
|
https://atvlauncher.trekgonewild.de/
|
unknown
|
||
|
https://kutt.it/stn_bridge_atv
|
unknown
|
||
|
https://www.tdtchannels.com/listas
|
unknown
|
||
|
https://f-droid.org/repo/news.androidtv.launchonboot_12.apk
|
unknown
|
||
|
https://www.androidpolice.com/2021/01/30/how-to-remap-remote-buttons-take-screenshot-chromecast-with
|
unknown
|
||
|
https://github.com/0x192/universal-android-debloater/releases/download/%ver_debloater%/uad_gui-windo
|
unknown
|
||
|
https://github.com/0x192/universal-android-debloater/wiki/FAQ
|
unknown
|
||
|
https://iptv-org.github.io/
|
unknown
|
||
|
https://www.reddit.com/r/AndroidTV/
|
unknown
|
||
|
https://www.androidtv-guide.com/
|
unknown
|
||
|
https://www.reddit.com/r/AndroidTV/comments/1ajkxbk/tool_allinone_tool_for_windows_android_tv_tools_
|
unknown
|
||
|
https://xdaforums.com/attachments/google-installer_3-0-apk.6052043/
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
https://gitlab.com/AuroraOSS/AuroraStore/uploads/ac32503aee88c6d1067dad57f3f92e09/AuroraStore_4.3.5.
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=com.tdtchannels.player
|
unknown
|
||
|
https://github.com:443/tenox7/cmdmax/releases/download/2.0/cmdmax-x86.exe
|
unknown
|
||
|
https://api.github.com/repos/mirfatif/PermissionManagerX/releases/latest
|
unknown
|
||
|
https://xdaforums.com/attachments/aapt-arm-pie-zip.6053069/
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod.C:
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=flar2.homebutton
|
unknown
|
||
|
https://api.github.com/repos/K3V1991/ADB-and-FastbootPlusPlus/releases/latest
|
unknown
|
||
|
https://api.github.com/repos/codefaktor/FTVLaunchX/releases/latest
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2
|
unknown
|
||
|
https://github.com/Genymobile/scrcpy/blob/master/doc/shortcuts.md#shortcuts
|
unknown
|
||
|
https://api.github.com/repos/spocky/miproja1/releases/latest
|
unknown
|
||
|
https://github.com/tenox7/cmdmax/releases/download/2.0/cmdmax-x86.exe?C:
|
unknown
|
||
|
https://github.com/K3V1991/ADB-and-FastbootPlusPlus/releases/download/%ver_adb%/ADB-and-Fastboot
|
unknown
|
||
|
https://objects.githubusercontent.com/github-production-release-asset-2e65be/50417431/6e51c424-c3ca-
|
unknown
|
||
|
https://mirfatif.github.io/PermissionManagerX/
|
unknown
|
||
|
https://api.github.com/repos/0x192/universal-android-debloater/releases
|
unknown
|
||
|
https://xdaforums.com/attachments/google-play-store_v38-7-29-apk.6052033/
|
unknown
|
||
|
https://github.com/r3
|
unknown
|
||
|
https://xdaforums.com/attachments/countries-list-txt.6067313/
|
unknown
|
||
|
https://www.adslzone.net/reportajes/tv-streaming/que-es-tecnologia-iptv/#395576-que-son-las-listas-i
|
unknown
|
||
|
https://xdaforums.com/attachments/google-tv-home_1-0-591121582-apk.6051727/
|
unknown
|
||
|
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
|
unknown
|
||
|
https://kutt.it/stn_bridge_amazon
|
unknown
|
||
|
https://github.com/codefaktor/FTVLaunchX/releases/download/v1.0.1/FTVLaunchX-1.0.1.apk
|
unknown
|
||
|
https://github.com/0x192/universal-android-debloater#universal-android-debloater-gui
|
unknown
|
||
|
https://adguard.com/adguard-android-tv/overview.html
|
unknown
|
||
|
https://api.github.com/repos/realOxy/M3UAndroid/releases/latest
|
unknown
|
||
|
https://xdaforums.com/t/tool-all-in-one-tool-for-windows-android-tv-tools-v2.4648239/
|
unknown
|
||
|
https://9to5google.com/guides/android-tv/
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=%%%%j
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=com.neilturner.aerialviews
|
unknown
|
||
|
https://xdaforums.com/attachments/wifi-pro-ftp-server_v1-9-5-build-74-apk.5924749/
|
unknown
|
||
|
https://gitlab.com/flauncher/flauncher/-/releases/0.18.0/downloads/flauncher-0.18.0.apk
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=org.xbmc.kodi
|
unknown
|
||
|
https://xdaforums.com/t/how-to-prepare-smartwatch-for-advanced-functions.4511103/
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=ar.tvplayer.tv
|
unknown
|
||
|
https://github.com/Genymobile/scrcpy
|
unknown
|
||
|
https://api.github.com/repos/Genymobile/scrcpy/releases/latest
|
unknown
|
||
|
https://github.com/codefaktor/FTVLaunchX/blob/develop/README.md
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://smarttubeapp.github.io/
|
unknown
|
||
|
https://github.com/Genymobile/scrcpy/releases/download/%ver_scrcpy%/scrcpy-win%arquitectura_windows%
|
unknown
|
||
|
https://github.com/Free-TV/IPTV?tab=readme-ov-file#free-tv
|
unknown
|
||
|
https://kutt.it/stn_beta
|
unknown
|
||
|
https://ipinfo.io
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=com.wiseplay
|
unknown
|
||
|
https://xdaforums.com/attachments/google-play-apk.6050959/
|
unknown
|
||
|
https://xdaforums.com/c/android-tv.4276/
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
|
unknown
|
||
|
https://apkins.aptoide.com/AptoideTV-5.1.2.apk
|
unknown
|
||
|
https://objects.githubusercontent.com:443
|
unknown
|
||
|
https://github.com/K3V1991/ADB-and-FastbootPlusPlus
|
unknown
|
||
|
https://github.com/iptv-org/iptv?tab=readme-ov-file#playlists
|
unknown
|
||
|
http://agrd.io/tvapk
|
unknown
|
||
|
https://objects.githubusercontent.com/
|
unknown
|
||
|
https://mirfatif.github.io/PermissionManagerX/help/en/
|
unknown
|
||
|
https://github.com/mirfatif/PermissionManagerX/releases/download/%ver_PMX%/PMX_%ver_PMX%.apk
|
unknown
|
||
|
https://kutt.it/stn_stable
|
unknown
|
There are 63 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
github.com
|
140.82.121.3
|
|
|
|
google.com
|
142.250.184.238
|
||
|
objects.githubusercontent.com
|
185.199.109.133
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
140.82.121.3
|
github.com
|
United States
|
|
|
|
185.199.109.133
|
objects.githubusercontent.com
|
Netherlands
|
||
|
142.250.184.238
|
google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
179AFD1A000
|
heap
|
page read and write
|
||
|
179AFD5B000
|
heap
|
page read and write
|
||
|
179B4B0A000
|
heap
|
page read and write
|
||
|
F0D000
|
unkown
|
page read and write
|
||
|
411000
|
unkown
|
page read and write
|
||
|
179B4ABF000
|
heap
|
page read and write
|
||
|
75243FE000
|
unkown
|
page readonly
|
||
|
75235FB000
|
stack
|
page read and write
|
||
|
179B4B02000
|
heap
|
page read and write
|
||
|
179B4C70000
|
trusted library allocation
|
page read and write
|
||
|
179B4C60000
|
trusted library allocation
|
page read and write
|
||
|
7523BFE000
|
unkown
|
page readonly
|
||
|
179B4A41000
|
heap
|
page read and write
|
||
|
179AFC00000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
7523AFE000
|
unkown
|
page readonly
|
||
|
179B4A01000
|
trusted library allocation
|
page read and write
|
||
|
179B49E0000
|
trusted library allocation
|
page read and write
|
||
|
179AF529000
|
heap
|
page read and write
|
||
|
179B4CB0000
|
remote allocation
|
page read and write
|
||
|
179AFD13000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
520000
|
heap
|
page read and write
|
||
|
75240FE000
|
unkown
|
page readonly
|
||
|
75232FE000
|
unkown
|
page readonly
|
||
|
179AFBD0000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
unkown
|
page readonly
|
||
|
40D000
|
unkown
|
page readonly
|
||
|
179B4C40000
|
trusted library allocation
|
page read and write
|
||
|
179B4940000
|
trusted library allocation
|
page read and write
|
||
|
7523DFE000
|
unkown
|
page readonly
|
||
|
179B497F000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
75241FE000
|
unkown
|
page readonly
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
179B49B0000
|
trusted library allocation
|
page read and write
|
||
|
7523A7E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
179B49F0000
|
trusted library allocation
|
page read and write
|
||
|
179B4954000
|
trusted library allocation
|
page read and write
|
||
|
179B4CB0000
|
remote allocation
|
page read and write
|
||
|
179B4A4E000
|
heap
|
page read and write
|
||
|
75237FB000
|
stack
|
page read and write
|
||
|
179B48F0000
|
trusted library allocation
|
page read and write
|
||
|
179AF479000
|
heap
|
page read and write
|
||
|
179B49F5000
|
trusted library allocation
|
page read and write
|
||
|
179AF470000
|
heap
|
page read and write
|
||
|
179B4A28000
|
heap
|
page read and write
|
||
|
179B4930000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
407000
|
unkown
|
page read and write
|
||
|
11CA000
|
heap
|
page read and write
|
||
|
179AF4B0000
|
heap
|
page read and write
|
||
|
179B4A5D000
|
heap
|
page read and write
|
||
|
179B0560000
|
trusted library section
|
page readonly
|
||
|
179B4A70000
|
trusted library allocation
|
page read and write
|
||
|
179AFF01000
|
trusted library allocation
|
page read and write
|
||
|
7523B7E000
|
stack
|
page read and write
|
||
|
179B4A00000
|
heap
|
page read and write
|
||
|
75245FE000
|
unkown
|
page readonly
|
||
|
179AF475000
|
heap
|
page read and write
|
||
|
7523C7E000
|
stack
|
page read and write
|
||
|
752397E000
|
stack
|
page read and write
|
||
|
179B49D2000
|
trusted library allocation
|
page read and write
|
||
|
75244FD000
|
stack
|
page read and write
|
||
|
179AF42B000
|
heap
|
page read and write
|
||
|
FC4000
|
heap
|
page read and write
|
||
|
179B4966000
|
trusted library allocation
|
page read and write
|
||
|
179AF502000
|
heap
|
page read and write
|
||
|
179B4AD9000
|
heap
|
page read and write
|
||
|
179B4EB0000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
179B49CA000
|
trusted library allocation
|
page read and write
|
||
|
179B4918000
|
trusted library allocation
|
page read and write
|
||
|
40D000
|
unkown
|
page readonly
|
||
|
179B495D000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
unkown
|
page readonly
|
||
|
179AF330000
|
heap
|
page read and write
|
||
|
584000
|
unkown
|
page read and write
|
||
|
179AF350000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
179AF45B000
|
heap
|
page read and write
|
||
|
52E000
|
heap
|
page read and write
|
||
|
179AF48D000
|
heap
|
page read and write
|
||
|
179B4940000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
direct allocation
|
page read and write
|
||
|
75242FE000
|
stack
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
179B4AFA000
|
heap
|
page read and write
|
||
|
7522FFE000
|
stack
|
page read and write
|
||
|
179AF513000
|
heap
|
page read and write
|
||
|
179AF3A0000
|
trusted library section
|
page read and write
|
||
|
7523EFE000
|
unkown
|
page readonly
|
||
|
75231FB000
|
stack
|
page read and write
|
||
|
179AF49C000
|
heap
|
page read and write
|
||
|
179B0510000
|
trusted library section
|
page readonly
|
||
|
8EF000
|
stack
|
page read and write
|
||
|
179B4A17000
|
trusted library allocation
|
page read and write
|
||
|
179B4A0C000
|
trusted library allocation
|
page read and write
|
||
|
179B4900000
|
trusted library allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
19F000
|
stack
|
page read and write
|
||
|
179B49F8000
|
trusted library allocation
|
page read and write
|
||
|
179B4974000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page write copy
|
||
|
179B497C000
|
trusted library allocation
|
page read and write
|
||
|
179AF48B000
|
heap
|
page read and write
|
||
|
179B499E000
|
trusted library allocation
|
page read and write
|
||
|
179B4925000
|
trusted library allocation
|
page read and write
|
||
|
40E000
|
unkown
|
page read and write
|
||
|
179B49E0000
|
trusted library allocation
|
page read and write
|
||
|
179AFD5B000
|
heap
|
page read and write
|
||
|
7523FFE000
|
stack
|
page read and write
|
||
|
179AF440000
|
heap
|
page read and write
|
||
|
179B0540000
|
trusted library section
|
page readonly
|
||
|
179B4A8D000
|
heap
|
page read and write
|
||
|
179B4AC9000
|
heap
|
page read and write
|
||
|
179AFBE0000
|
trusted library allocation
|
page read and write
|
||
|
179AFC02000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
179AF390000
|
trusted library allocation
|
page read and write
|
||
|
179AFBA1000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
179B0530000
|
trusted library section
|
page readonly
|
||
|
75236FE000
|
unkown
|
page readonly
|
||
|
179B4910000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
179AFD00000
|
heap
|
page read and write
|
||
|
F0F000
|
unkown
|
page readonly
|
||
|
179B4A0F000
|
trusted library allocation
|
page read and write
|
||
|
179AFD02000
|
heap
|
page read and write
|
||
|
179AFC15000
|
heap
|
page read and write
|
||
|
179B4CB0000
|
remote allocation
|
page read and write
|
||
|
179B0430000
|
trusted library allocation
|
page read and write
|
||
|
179B4C50000
|
trusted library allocation
|
page read and write
|
||
|
75239FE000
|
unkown
|
page readonly
|
||
|
75234FE000
|
unkown
|
page readonly
|
||
|
179B4AC1000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
11CE000
|
heap
|
page read and write
|
||
|
75233FC000
|
stack
|
page read and write
|
||
|
75238FE000
|
unkown
|
page readonly
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
19D000
|
stack
|
page read and write
|
||
|
7523D7E000
|
stack
|
page read and write
|
||
|
179B4A1B000
|
heap
|
page read and write
|
||
|
179B49A1000
|
trusted library allocation
|
page read and write
|
||
|
752270B000
|
stack
|
page read and write
|
||
|
179B4A57000
|
heap
|
page read and write
|
||
|
179B4A04000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7524BFE000
|
unkown
|
page readonly
|
||
|
179B4A2A000
|
trusted library allocation
|
page read and write
|
||
|
179B4AE5000
|
heap
|
page read and write
|
||
|
179B4A60000
|
trusted library allocation
|
page read and write
|
||
|
179B4A64000
|
heap
|
page read and write
|
||
|
7522DFE000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7523E7E000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
40E000
|
unkown
|
page write copy
|
||
|
179B4910000
|
trusted library allocation
|
page read and write
|
||
|
179AF4BA000
|
heap
|
page read and write
|
||
|
179B08B0000
|
trusted library allocation
|
page read and write
|
||
|
179B0240000
|
trusted library allocation
|
page read and write
|
||
|
179B4B00000
|
heap
|
page read and write
|
||
|
179B0520000
|
trusted library section
|
page readonly
|
||
|
179B0550000
|
trusted library section
|
page readonly
|
||
|
7523CFE000
|
unkown
|
page readonly
|
||
|
166000
|
stack
|
page read and write
|
||
|
179B4928000
|
trusted library allocation
|
page read and write
|
||
|
52A000
|
heap
|
page read and write
|
||
|
179B4982000
|
trusted library allocation
|
page read and write
|
||
|
75230FE000
|
unkown
|
page readonly
|
||
|
752417E000
|
stack
|
page read and write
|
||
|
179B4AFC000
|
heap
|
page read and write
|
||
|
179AFD1A000
|
heap
|
page read and write
|
||
|
7524B7E000
|
stack
|
page read and write
|
||
|
179B4950000
|
trusted library allocation
|
page read and write
|
||
|
179AF4FE000
|
heap
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
179AF413000
|
heap
|
page read and write
|
||
|
415000
|
unkown
|
page read and write
|
||
|
179AF491000
|
heap
|
page read and write
|
||
|
45E000
|
stack
|
page read and write
|
||
|
179AF360000
|
heap
|
page read and write
|
||
|
179AF477000
|
heap
|
page read and write
|
||
|
179B491E000
|
trusted library allocation
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
179B49B3000
|
trusted library allocation
|
page read and write
|
||
|
179B4911000
|
trusted library allocation
|
page read and write
|
||
|
179AF400000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
F0F000
|
unkown
|
page readonly
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
7522CF7000
|
stack
|
page read and write
|
There are 189 hidden memdumps, click here to show them.