Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Android TV Tools v3_ES.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\ytmp\tmp8939.bat
|
DOS batch file, Non-ISO extended-ASCII text, with very long lines (316), with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x530d4801, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_22d2yuhe.3zv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g4sc2c22.g0k.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jaqpxry4.snk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x5jqbz44.kz5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ytmp\tmp4785.exe
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\Android TV Tools - Aux Files\BITC7F8.tmp
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Desktop\Android TV Tools - Aux Files\cmdmax.exe (copy)
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Android TV Tools v3_ES.exe
|
"C:\Users\user\Desktop\Android TV Tools v3_ES.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c if not exist "C:\Users\user\AppData\Local\Temp\afolder" mkdir "C:\Users\user\AppData\Local\Temp\afolder"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c if not exist "C:\Users\user\AppData\Local\Temp\ytmp" mkdir "C:\Users\user\AppData\Local\Temp\ytmp"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c attrib +h C:\Users\user\AppData\Local\Temp\ytmp
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c if exist "C:\Users\user\AppData\Local\Temp\ytmp\tmp8939.bat" del "C:\Users\user\AppData\Local\Temp\ytmp\tmp8939.bat"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c if exist "C:\Users\user\AppData\Local\Temp\ytmp\tmp4785.exe" del "C:\Users\user\AppData\Local\Temp\ytmp\tmp4785.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c C:\Users\user\AppData\Local\Temp\ytmp\tmp8939.bat "C:\Users\user\Desktop\Android TV Tools v3_ES.exe"
|
|
|
|
C:\Windows\SysWOW64\PING.EXE
|
ping google.com -n 1
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "Start-bitsTransfer -Source https://github.com/tenox7/cmdmax/releases/download/2.0/cmdmax-x86.exe -Destination
'Android TV Tools - Aux Files\cmdmax.exe'"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Users\user\Desktop\Android TV Tools - Aux Files\cmdmax.exe
|
"Android TV Tools - Aux Files\cmdmax.exe" 20 234 120 31 120 9999
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\attrib.exe
|
attrib +h C:\Users\user\AppData\Local\Temp\ytmp
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/tenox7/cmdmax/releases/download/2.0/cmdmax-x86.exe
|
140.82.121.4
|
|
|
|
https://github.com/
|
unknown
|
|
|
|
https://atvlauncher.trekgonewild.de/
|
unknown
|
||
|
https://kutt.it/stn_bridge_atv
|
unknown
|
||
|
https://www.tdtchannels.com/listas
|
unknown
|
||
|
https://f-droid.org/repo/news.androidtv.launchonboot_12.apk
|
unknown
|
||
|
https://www.androidpolice.com/2021/01/30/how-to-remap-remote-buttons-take-screenshot-chromecast-with
|
unknown
|
||
|
https://github.com/0x192/universal-android-debloater/releases/download/%ver_debloater%/uad_gui-windo
|
unknown
|
||
|
https://github.com/0x192/universal-android-debloater/wiki/FAQ
|
unknown
|
||
|
https://iptv-org.github.io/
|
unknown
|
||
|
https://github.com/c50
|
unknown
|
||
|
https://www.reddit.com/r/AndroidTV/
|
unknown
|
||
|
https://www.androidtv-guide.com/
|
unknown
|
||
|
https://www.reddit.com/r/AndroidTV/comments/1ajkxbk/tool_allinone_tool_for_windows_android_tv_tools_
|
unknown
|
||
|
https://xdaforums.com/attachments/google-installer_3-0-apk.6052043/
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
https://gitlab.com/AuroraOSS/AuroraStore/uploads/ac32503aee88c6d1067dad57f3f92e09/AuroraStore_4.3.5.
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=com.tdtchannels.player
|
unknown
|
||
|
https://github.com:443/tenox7/cmdmax/releases/download/2.0/cmdmax-x86.exe
|
unknown
|
||
|
https://api.github.com/repos/mirfatif/PermissionManagerX/releases/latest
|
unknown
|
||
|
https://xdaforums.com/attachments/aapt-arm-pie-zip.6053069/
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=flar2.homebutton
|
unknown
|
||
|
https://api.github.com/repos/K3V1991/ADB-and-FastbootPlusPlus/releases/latest
|
unknown
|
||
|
https://api.github.com/repos/codefaktor/FTVLaunchX/releases/latest
|
unknown
|
||
|
https://github.com/Genymobile/scrcpy/blob/master/doc/shortcuts.md#shortcuts
|
unknown
|
||
|
https://api.github.com/repos/spocky/miproja1/releases/latest
|
unknown
|
||
|
https://github.com/K3V1991/ADB-and-FastbootPlusPlus/releases/download/%ver_adb%/ADB-and-Fastboot
|
unknown
|
||
|
https://objects.githubusercontent.com/github-production-release-asset-2e65be/50417431/6e51c424-c3ca-
|
unknown
|
||
|
https://mirfatif.github.io/PermissionManagerX/
|
unknown
|
||
|
https://api.github.com/repos/0x192/universal-android-debloater/releases
|
unknown
|
||
|
https://github.com/tenox7/cmdmax/releases/download/2.0/cmdmax-x86.exeAC:
|
unknown
|
||
|
https://xdaforums.com/attachments/google-play-store_v38-7-29-apk.6052033/
|
unknown
|
||
|
https://xdaforums.com/attachments/countries-list-txt.6067313/
|
unknown
|
||
|
https://www.adslzone.net/reportajes/tv-streaming/que-es-tecnologia-iptv/#395576-que-son-las-listas-i
|
unknown
|
||
|
https://xdaforums.com/attachments/google-tv-home_1-0-591121582-apk.6051727/
|
unknown
|
||
|
https://kutt.it/stn_bridge_amazon
|
unknown
|
||
|
https://github.com/codefaktor/FTVLaunchX/releases/download/v1.0.1/FTVLaunchX-1.0.1.apk
|
unknown
|
||
|
https://github.com/0x192/universal-android-debloater#universal-android-debloater-gui
|
unknown
|
||
|
https://adguard.com/adguard-android-tv/overview.html
|
unknown
|
||
|
https://api.github.com/repos/realOxy/M3UAndroid/releases/latest
|
unknown
|
||
|
https://xdaforums.com/t/tool-all-in-one-tool-for-windows-android-tv-tools-v2.4648239/
|
unknown
|
||
|
https://9to5google.com/guides/android-tv/
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=%%%%j
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=com.neilturner.aerialviews
|
unknown
|
||
|
https://xdaforums.com/attachments/wifi-pro-ftp-server_v1-9-5-build-74-apk.5924749/
|
unknown
|
||
|
https://gitlab.com/flauncher/flauncher/-/releases/0.18.0/downloads/flauncher-0.18.0.apk
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=org.xbmc.kodi
|
unknown
|
||
|
https://xdaforums.com/t/how-to-prepare-smartwatch-for-advanced-functions.4511103/
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=ar.tvplayer.tv
|
unknown
|
||
|
https://github.com/Genymobile/scrcpy
|
unknown
|
||
|
https://api.github.com/repos/Genymobile/scrcpy/releases/latest
|
unknown
|
||
|
https://github.com/codefaktor/FTVLaunchX/blob/develop/README.md
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://smarttubeapp.github.io/
|
unknown
|
||
|
https://github.com/Genymobile/scrcpy/releases/download/%ver_scrcpy%/scrcpy-win%arquitectura_windows%
|
unknown
|
||
|
https://github.com/Free-TV/IPTV?tab=readme-ov-file#free-tv
|
unknown
|
||
|
https://kutt.it/stn_beta
|
unknown
|
||
|
https://ipinfo.io
|
unknown
|
||
|
https://play.google.com/store/apps/details?id=com.wiseplay
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod/C:
|
unknown
|
||
|
https://xdaforums.com/attachments/google-play-apk.6050959/
|
unknown
|
||
|
https://xdaforums.com/c/android-tv.4276/
|
unknown
|
||
|
https://apkins.aptoide.com/AptoideTV-5.1.2.apk
|
unknown
|
||
|
https://objects.githubusercontent.com:443
|
unknown
|
||
|
https://github.com/K3V1991/ADB-and-FastbootPlusPlus
|
unknown
|
||
|
https://github.com/iptv-org/iptv?tab=readme-ov-file#playlists
|
unknown
|
||
|
http://agrd.io/tvapk
|
unknown
|
||
|
https://objects.githubusercontent.com/
|
unknown
|
||
|
https://mirfatif.github.io/PermissionManagerX/help/en/
|
unknown
|
||
|
https://github.com/mirfatif/PermissionManagerX/releases/download/%ver_PMX%/PMX_%ver_PMX%.apk
|
unknown
|
||
|
https://kutt.it/stn_stable
|
unknown
|
There are 61 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
github.com
|
140.82.121.4
|
|
|
|
google.com
|
142.250.186.46
|
||
|
objects.githubusercontent.com
|
185.199.108.133
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
140.82.121.4
|
github.com
|
United States
|
|
|
|
142.250.186.46
|
google.com
|
United States
|
||
|
185.199.108.133
|
objects.githubusercontent.com
|
Netherlands
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1C0DEF10000
|
trusted library allocation
|
page read and write
|
||
|
3E19C7A000
|
stack
|
page read and write
|
||
|
3E1AE7E000
|
unkown
|
page readonly
|
||
|
3E1A7FE000
|
stack
|
page read and write
|
||
|
1C0DA1E1000
|
trusted library allocation
|
page read and write
|
||
|
1C0DAB70000
|
trusted library section
|
page readonly
|
||
|
1C0D99E0000
|
heap
|
page read and write
|
||
|
1C0D9AB9000
|
heap
|
page read and write
|
||
|
415000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1C0DABB0000
|
trusted library section
|
page readonly
|
||
|
1C0DF0E0000
|
trusted library allocation
|
page read and write
|
||
|
1C0DF0D0000
|
trusted library allocation
|
page read and write
|
||
|
1C0DEFD0000
|
trusted library allocation
|
page read and write
|
||
|
1C0DAB90000
|
trusted library section
|
page readonly
|
||
|
1C0DF2C1000
|
heap
|
page read and write
|
||
|
1C0DF2D1000
|
heap
|
page read and write
|
||
|
1C0D9A6F000
|
heap
|
page read and write
|
||
|
1C0DF300000
|
heap
|
page read and write
|
||
|
1C0DF2C6000
|
heap
|
page read and write
|
||
|
1C0DAA80000
|
trusted library allocation
|
page read and write
|
||
|
1C0DF140000
|
remote allocation
|
page read and write
|
||
|
1C0DA840000
|
trusted library allocation
|
page read and write
|
||
|
3E1A1FE000
|
stack
|
page read and write
|
||
|
3E19A7E000
|
stack
|
page read and write
|
||
|
1C0DA31A000
|
heap
|
page read and write
|
||
|
1C0DF210000
|
heap
|
page read and write
|
||
|
1484000
|
heap
|
page read and write
|
||
|
1C0DF302000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
3E1987E000
|
unkown
|
page readonly
|
||
|
9D000
|
stack
|
page read and write
|
||
|
1C0DA200000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page read and write
|
||
|
1C0DEFD0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1C0DA202000
|
heap
|
page read and write
|
||
|
1C0DA300000
|
heap
|
page read and write
|
||
|
1C0DF080000
|
trusted library allocation
|
page read and write
|
||
|
F0F000
|
unkown
|
page readonly
|
||
|
3E1B87E000
|
unkown
|
page readonly
|
||
|
1C0DF510000
|
trusted library allocation
|
page read and write
|
||
|
1C0D99F0000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
1C0DF140000
|
remote allocation
|
page read and write
|
||
|
10EA000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page readonly
|
||
|
1C0D9AFC000
|
heap
|
page read and write
|
||
|
1C0DA160000
|
trusted library section
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1C0DEFA0000
|
trusted library allocation
|
page read and write
|
||
|
1C0D9A78000
|
heap
|
page read and write
|
||
|
87F000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1C0DF110000
|
trusted library allocation
|
page read and write
|
||
|
1C0DF0F0000
|
trusted library allocation
|
page read and write
|
||
|
1C0DEFE0000
|
trusted library allocation
|
page read and write
|
||
|
1C0DF013000
|
trusted library allocation
|
page read and write
|
||
|
1C0DF070000
|
trusted library allocation
|
page read and write
|
||
|
1C0D9A13000
|
heap
|
page read and write
|
||
|
1C0DF070000
|
trusted library allocation
|
page read and write
|
||
|
1C0D99C0000
|
heap
|
page read and write
|
||
|
1C0D9A8C000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1C0D9A91000
|
heap
|
page read and write
|
||
|
1C0DA150000
|
trusted library allocation
|
page read and write
|
||
|
1C0DF2BF000
|
heap
|
page read and write
|
||
|
3E1B7FE000
|
stack
|
page read and write
|
||
|
3E1A3FE000
|
stack
|
page read and write
|
||
|
1C0D9A8A000
|
heap
|
page read and write
|
||
|
1C0DF010000
|
trusted library allocation
|
page read and write
|
||
|
166000
|
stack
|
page read and write
|
||
|
3E1ACFE000
|
stack
|
page read and write
|
||
|
3E1A2FE000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1C0DEF80000
|
trusted library allocation
|
page read and write
|
||
|
1C0DF140000
|
remote allocation
|
page read and write
|
||
|
1C0DEFC0000
|
trusted library allocation
|
page read and write
|
||
|
1C0DAF10000
|
trusted library allocation
|
page read and write
|
||
|
1C0DEF20000
|
trusted library allocation
|
page read and write
|
||
|
3E1A57E000
|
unkown
|
page readonly
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
1C0DA313000
|
heap
|
page read and write
|
||
|
1C0DA35B000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
1C0DEF90000
|
trusted library allocation
|
page read and write
|
||
|
1C0DA31A000
|
heap
|
page read and write
|
||
|
1C0DEFA1000
|
trusted library allocation
|
page read and write
|
||
|
3E1A4FE000
|
stack
|
page read and write
|
||
|
1C0DF200000
|
heap
|
page read and write
|
||
|
1C0D9A9C000
|
heap
|
page read and write
|
||
|
3E19D7E000
|
unkown
|
page readonly
|
||
|
1C0D9B29000
|
heap
|
page read and write
|
||
|
1C0DF2F6000
|
heap
|
page read and write
|
||
|
3E1A17E000
|
unkown
|
page readonly
|
||
|
1C0D9B13000
|
heap
|
page read and write
|
||
|
1C0D9A88000
|
heap
|
page read and write
|
||
|
3E1A27E000
|
unkown
|
page readonly
|
||
|
550000
|
heap
|
page read and write
|
||
|
1C0DF25D000
|
heap
|
page read and write
|
||
|
1490000
|
direct allocation
|
page read and write
|
||
|
584000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1C0D9A00000
|
heap
|
page read and write
|
||
|
1C0DF295000
|
heap
|
page read and write
|
||
|
1C0DEFE0000
|
trusted library allocation
|
page read and write
|
||
|
3E1ADFE000
|
unkown
|
page readonly
|
||
|
3E1AC7E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3E1A67E000
|
stack
|
page read and write
|
||
|
3E1AF7C000
|
stack
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
3E1A47E000
|
unkown
|
page readonly
|
||
|
3E1AAFE000
|
stack
|
page read and write
|
||
|
3E1A87E000
|
unkown
|
page readonly
|
||
|
1C0DF304000
|
heap
|
page read and write
|
||
|
1C0DA591000
|
trusted library allocation
|
page read and write
|
||
|
19F000
|
stack
|
page read and write
|
||
|
1C0DF2FA000
|
heap
|
page read and write
|
||
|
1C0D9A2B000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1C0DF100000
|
trusted library allocation
|
page read and write
|
||
|
68E000
|
heap
|
page read and write
|
||
|
52E000
|
stack
|
page read and write
|
||
|
3E1A07B000
|
stack
|
page read and write
|
||
|
3E1B07E000
|
unkown
|
page readonly
|
||
|
1C0DF315000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page readonly
|
||
|
1C0DF220000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1C0D9AA2000
|
heap
|
page read and write
|
||
|
10EE000
|
heap
|
page read and write
|
||
|
3E1A77E000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3E1A97E000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
3E1AB7E000
|
unkown
|
page readonly
|
||
|
1C0DAB60000
|
trusted library section
|
page readonly
|
||
|
1C0D9A43000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
1C0DF0F0000
|
trusted library allocation
|
page read and write
|
||
|
1C0DEFE4000
|
trusted library allocation
|
page read and write
|
||
|
1C0DEFA0000
|
trusted library allocation
|
page read and write
|
||
|
1C0DF260000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
3E1B27E000
|
unkown
|
page readonly
|
||
|
1C0DF306000
|
heap
|
page read and write
|
||
|
1C0DA35B000
|
heap
|
page read and write
|
||
|
1C0DF2E3000
|
heap
|
page read and write
|
||
|
1C0DA302000
|
heap
|
page read and write
|
||
|
F0D000
|
unkown
|
page read and write
|
||
|
1C0D9B02000
|
heap
|
page read and write
|
||
|
3E1B17E000
|
stack
|
page read and write
|
||
|
1C0DAB80000
|
trusted library section
|
page readonly
|
||
|
40D000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1C0DF253000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page write copy
|
||
|
40E000
|
unkown
|
page read and write
|
||
|
1C0DF24C000
|
heap
|
page read and write
|
||
|
1C0D9AAC000
|
heap
|
page read and write
|
||
|
1C0DF22D000
|
heap
|
page read and write
|
||
|
3E19777000
|
stack
|
page read and write
|
||
|
3E19B7E000
|
unkown
|
page readonly
|
||
|
3E19E7B000
|
stack
|
page read and write
|
||
|
3E1A37E000
|
unkown
|
page readonly
|
||
|
40B000
|
unkown
|
page readonly
|
||
|
68A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
F0F000
|
unkown
|
page readonly
|
||
|
40E000
|
unkown
|
page write copy
|
||
|
3E19F7E000
|
unkown
|
page readonly
|
||
|
1C0DF23F000
|
heap
|
page read and write
|
||
|
1C0DA215000
|
heap
|
page read and write
|
||
|
3E1AA7E000
|
unkown
|
page readonly
|
||
|
411000
|
unkown
|
page read and write
|
||
|
1C0DABA0000
|
trusted library section
|
page readonly
|
||
|
3E1918B000
|
stack
|
page read and write
|
||
|
1C0D9A5C000
|
heap
|
page read and write
|
||
|
1C0D9A74000
|
heap
|
page read and write
|
There are 172 hidden memdumps, click here to show them.