Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
lrZL6K5Idl.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\lrZL6K5Idl.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\lrZL6K5Idl.exe
|
"C:\Users\user\Desktop\lrZL6K5Idl.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Users\user\Desktop\lrZL6K5Idl.exe
|
"C:\Users\user\Desktop\lrZL6K5Idl.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 1740 -s 84
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://go.microsoft.
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://go.microsoft.LinkId=42127
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
108.132.8.18
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
108.132.8.18
|
doddyfire.linkpc.net
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
31D1000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
147F000
|
stack
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
36E6000
|
heap
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
8DAE000
|
stack
|
page read and write
|
||
|
10B7000
|
heap
|
page read and write
|
||
|
2FC8000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
560C000
|
stack
|
page read and write
|
||
|
346E000
|
trusted library allocation
|
page read and write
|
||
|
8EAE000
|
stack
|
page read and write
|
||
|
13E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3743000
|
heap
|
page read and write
|
||
|
5045000
|
heap
|
page read and write
|
||
|
68C0000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
122F000
|
stack
|
page read and write
|
||
|
372F000
|
heap
|
page read and write
|
||
|
3A06000
|
heap
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
155A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
69BE000
|
stack
|
page read and write
|
||
|
55C3000
|
heap
|
page read and write
|
||
|
3222000
|
trusted library allocation
|
page read and write
|
||
|
D08000
|
heap
|
page read and write
|
||
|
3F51000
|
trusted library allocation
|
page read and write
|
||
|
1587000
|
trusted library allocation
|
page execute and read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
6DC0000
|
heap
|
page read and write
|
||
|
373B000
|
heap
|
page read and write
|
||
|
4181000
|
trusted library allocation
|
page read and write
|
||
|
3748000
|
heap
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page execute and read and write
|
||
|
F4E000
|
heap
|
page read and write
|
||
|
583E000
|
stack
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
2FA4000
|
trusted library allocation
|
page read and write
|
||
|
125A000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED8000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
4B7F000
|
stack
|
page read and write
|
||
|
36F1000
|
heap
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
66EE000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
370B000
|
heap
|
page read and write
|
||
|
153D000
|
stack
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
3749000
|
heap
|
page read and write
|
||
|
1162000
|
trusted library allocation
|
page execute and read and write
|
||
|
127C000
|
trusted library allocation
|
page execute and read and write
|
||
|
119B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AC0000
|
heap
|
page read and write
|
||
|
103A000
|
stack
|
page read and write
|
||
|
B5F000
|
stack
|
page read and write
|
||
|
6980000
|
heap
|
page read and write
|
||
|
3141000
|
trusted library allocation
|
page read and write
|
||
|
1363000
|
heap
|
page read and write
|
||
|
12B2000
|
heap
|
page read and write
|
||
|
682E000
|
stack
|
page read and write
|
||
|
376E000
|
heap
|
page read and write
|
||
|
339F000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
D7E000
|
unkown
|
page readonly
|
||
|
5860000
|
heap
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
32A3000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
54AF000
|
stack
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page read and write
|
||
|
370B000
|
heap
|
page read and write
|
||
|
36B1000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
D60000
|
unkown
|
page readonly
|
||
|
3712000
|
heap
|
page read and write
|
||
|
9CB000
|
heap
|
page read and write
|
||
|
5610000
|
trusted library section
|
page readonly
|
||
|
5810000
|
heap
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
300E000
|
trusted library allocation
|
page read and write
|
||
|
55BB000
|
stack
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1297000
|
trusted library allocation
|
page execute and read and write
|
||
|
522C000
|
stack
|
page read and write
|
||
|
373B000
|
heap
|
page read and write
|
||
|
69C0000
|
trusted library allocation
|
page read and write
|
||
|
120C000
|
trusted library allocation
|
page execute and read and write
|
||
|
264F000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
1272000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
111B000
|
trusted library allocation
|
page execute and read and write
|
||
|
598F000
|
stack
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
373B000
|
heap
|
page read and write
|
||
|
3748000
|
heap
|
page read and write
|
||
|
5ABC000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
53EC000
|
stack
|
page read and write
|
||
|
D42000
|
trusted library allocation
|
page execute and read and write
|
||
|
55D0000
|
trusted library section
|
page readonly
|
||
|
1170000
|
heap
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
51EC000
|
stack
|
page read and write
|
||
|
12A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1562000
|
trusted library allocation
|
page read and write
|
||
|
6330000
|
heap
|
page read and write
|
||
|
6D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
5870000
|
heap
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
6B0E000
|
stack
|
page read and write
|
||
|
E3A000
|
stack
|
page read and write
|
||
|
1197000
|
trusted library allocation
|
page execute and read and write
|
||
|
376F000
|
heap
|
page read and write
|
||
|
156A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C7E000
|
stack
|
page read and write
|
||
|
5385000
|
trusted library section
|
page readonly
|
||
|
510F000
|
stack
|
page read and write
|
||
|
994000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
4DCF000
|
stack
|
page read and write
|
||
|
379E000
|
heap
|
page read and write
|
||
|
39A4000
|
trusted library allocation
|
page read and write
|
||
|
373C000
|
heap
|
page read and write
|
||
|
31CE000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
52A9000
|
stack
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
D36000
|
stack
|
page read and write
|
||
|
11E9000
|
heap
|
page read and write
|
||
|
5AC7000
|
heap
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
8C2F000
|
stack
|
page read and write
|
||
|
1047000
|
trusted library allocation
|
page execute and read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
10F4000
|
trusted library allocation
|
page read and write
|
||
|
3736000
|
heap
|
page read and write
|
||
|
3272000
|
trusted library allocation
|
page read and write
|
||
|
D34000
|
heap
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
11B3000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
36EB000
|
heap
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1203000
|
heap
|
page read and write
|
||
|
5AC8000
|
heap
|
page read and write
|
||
|
8090000
|
heap
|
page read and write
|
||
|
1447000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
D22000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D0000
|
heap
|
page execute and read and write
|
||
|
6ABF000
|
stack
|
page read and write
|
||
|
13EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
66BE000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
10C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
53A3000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
1552000
|
trusted library allocation
|
page execute and read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
81AE000
|
stack
|
page read and write
|
||
|
8240000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
B9A000
|
stack
|
page read and write
|
||
|
13D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6C000
|
heap
|
page read and write
|
||
|
16BE000
|
stack
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
697F000
|
stack
|
page read and write
|
||
|
11A6000
|
heap
|
page read and write
|
||
|
106C000
|
heap
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
9FA000
|
stack
|
page read and write
|
||
|
11F5000
|
heap
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
682E000
|
stack
|
page read and write
|
||
|
36C1000
|
heap
|
page read and write
|
||
|
153A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
51B0000
|
trusted library allocation
|
page read and write
|
||
|
36F8000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
D62000
|
unkown
|
page readonly
|
||
|
670E000
|
heap
|
page read and write
|
||
|
13AF000
|
stack
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
10DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
5380000
|
trusted library section
|
page readonly
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
140A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D91000
|
trusted library allocation
|
page read and write
|
||
|
759E000
|
stack
|
page read and write
|
||
|
3255000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
13FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3742000
|
heap
|
page read and write
|
||
|
3748000
|
heap
|
page read and write
|
||
|
36F8000
|
heap
|
page read and write
|
||
|
16E0000
|
heap
|
page execute and read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
3738000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page execute and read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
133C000
|
heap
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
124E000
|
heap
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
31D1000
|
trusted library allocation
|
page read and write
|
||
|
373B000
|
heap
|
page read and write
|
||
|
2E26000
|
trusted library allocation
|
page read and write
|
||
|
36F2000
|
heap
|
page read and write
|
||
|
2DB6000
|
trusted library allocation
|
page read and write
|
||
|
1334000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
1532000
|
trusted library allocation
|
page execute and read and write
|
||
|
1276000
|
trusted library allocation
|
page execute and read and write
|
||
|
370D000
|
heap
|
page read and write
|
||
|
ED000
|
stack
|
page read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
54F5000
|
heap
|
page read and write
|
||
|
4DCC000
|
stack
|
page read and write
|
||
|
1272000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
3950000
|
heap
|
page read and write
|
||
|
373F000
|
heap
|
page read and write
|
||
|
58A4000
|
heap
|
page read and write
|
||
|
16DE000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
6DBE000
|
stack
|
page read and write
|
||
|
6C0E000
|
stack
|
page read and write
|
||
|
3737000
|
heap
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
36B4000
|
heap
|
page read and write
|
||
|
692E000
|
stack
|
page read and write
|
||
|
5AC9000
|
heap
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
97E000
|
heap
|
page read and write
|
||
|
55FD000
|
stack
|
page read and write
|
||
|
376E000
|
heap
|
page read and write
|
||
|
730F000
|
stack
|
page read and write
|
||
|
3793000
|
heap
|
page read and write
|
||
|
512E000
|
stack
|
page read and write
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
158B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
36F7000
|
heap
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
3736000
|
heap
|
page read and write
|
||
|
143F000
|
stack
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
3740000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EE000
|
stack
|
page read and write
|
||
|
1282000
|
trusted library allocation
|
page execute and read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
373B000
|
heap
|
page read and write
|
||
|
3799000
|
heap
|
page read and write
|
||
|
1136000
|
stack
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
372E000
|
heap
|
page read and write
|
||
|
12AE000
|
heap
|
page read and write
|
||
|
12B6000
|
heap
|
page read and write
|
||
|
373F000
|
heap
|
page read and write
|
||
|
65AE000
|
stack
|
page read and write
|
||
|
52E0000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
F9A000
|
heap
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page execute and read and write
|
||
|
720E000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
1182000
|
trusted library allocation
|
page execute and read and write
|
||
|
17F0000
|
heap
|
page execute and read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
5030000
|
heap
|
page read and write
|
||
|
57C0000
|
heap
|
page read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
687E000
|
stack
|
page read and write
|
||
|
1032000
|
trusted library allocation
|
page execute and read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
8D6C000
|
stack
|
page read and write
|
||
|
367E000
|
unkown
|
page read and write
|
||
|
3F34000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page execute and read and write
|
||
|
67B0000
|
trusted library allocation
|
page read and write
|
||
|
105E000
|
heap
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
3749000
|
heap
|
page read and write
|
||
|
13EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
3730000
|
heap
|
page read and write
|
||
|
41D1000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
36C1000
|
heap
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
1052000
|
trusted library allocation
|
page execute and read and write
|
||
|
36E5000
|
heap
|
page read and write
|
||
|
3791000
|
heap
|
page read and write
|
||
|
379A000
|
heap
|
page read and write
|
||
|
100F000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
3740000
|
heap
|
page read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
521B000
|
stack
|
page read and write
|
||
|
1117000
|
trusted library allocation
|
page execute and read and write
|
||
|
3732000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page execute and read and write
|
||
|
4FF5000
|
trusted library section
|
page readonly
|
||
|
5710000
|
trusted library allocation
|
page execute and read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
5AB9000
|
heap
|
page read and write
|
||
|
D5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AB1000
|
heap
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A7E000
|
stack
|
page read and write
|
||
|
1550000
|
heap
|
page execute and read and write
|
||
|
F33000
|
heap
|
page read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
36EE000
|
heap
|
page read and write
|
||
|
F36000
|
stack
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
43E1000
|
trusted library allocation
|
page read and write
|
||
|
6B7E000
|
stack
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
51AD000
|
stack
|
page read and write
|
||
|
372F000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
12AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
57BD000
|
stack
|
page read and write
|
||
|
DBA000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
3734000
|
heap
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
C9F000
|
stack
|
page read and write
|
||
|
2FEB000
|
trusted library allocation
|
page read and write
|
||
|
370C000
|
heap
|
page read and write
|
||
|
C3B000
|
stack
|
page read and write
|
||
|
5855000
|
heap
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
6B3F000
|
stack
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
4FF0000
|
trusted library section
|
page readonly
|
||
|
5530000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
540B000
|
stack
|
page read and write
|
||
|
500F000
|
stack
|
page read and write
|
||
|
F6B000
|
heap
|
page read and write
|
||
|
36D7000
|
heap
|
page read and write
|
||
|
3749000
|
heap
|
page read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
5AC0000
|
heap
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
51BB000
|
stack
|
page read and write
|
||
|
3220000
|
trusted library allocation
|
page read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
1547000
|
heap
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
7FC40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1042000
|
trusted library allocation
|
page read and write
|
||
|
3478000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
4BA0000
|
trusted library allocation
|
page read and write
|
||
|
3793000
|
heap
|
page read and write
|
||
|
3736000
|
heap
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
6DCE000
|
heap
|
page read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
3A00000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
11BE000
|
stack
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
3277000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
3739000
|
heap
|
page read and write
|
||
|
715E000
|
stack
|
page read and write
|
||
|
3799000
|
heap
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
5AB5000
|
heap
|
page read and write
|
||
|
3740000
|
heap
|
page read and write
|
||
|
8000000
|
heap
|
page read and write
|
||
|
10DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
36F7000
|
heap
|
page read and write
|
||
|
D57000
|
trusted library allocation
|
page execute and read and write
|
||
|
D02000
|
trusted library allocation
|
page execute and read and write
|
||
|
3471000
|
trusted library allocation
|
page read and write
|
||
|
56B5000
|
heap
|
page read and write
|
||
|
370E000
|
heap
|
page read and write
|
||
|
389E000
|
stack
|
page read and write
|
||
|
50A3000
|
heap
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
36FA000
|
heap
|
page read and write
|
||
|
692E000
|
stack
|
page read and write
|
||
|
3795000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
379E000
|
heap
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
372E000
|
heap
|
page read and write
|
||
|
36F7000
|
heap
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
9C9000
|
heap
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
1139000
|
stack
|
page read and write
|
||
|
8B2E000
|
stack
|
page read and write
|
||
|
116A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1582000
|
trusted library allocation
|
page read and write
|
||
|
10E2000
|
trusted library allocation
|
page read and write
|
||
|
3749000
|
heap
|
page read and write
|
||
|
157F000
|
stack
|
page read and write
|
||
|
55C0000
|
heap
|
page read and write
|
||
|
1202000
|
trusted library allocation
|
page execute and read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
696E000
|
stack
|
page read and write
|
||
|
F78000
|
heap
|
page read and write
|
||
|
36F9000
|
heap
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
1572000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D91000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page execute and read and write
|
||
|
57FD000
|
stack
|
page read and write
|
||
|
5ACA000
|
heap
|
page read and write
|
||
|
29A1000
|
trusted library allocation
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
5410000
|
trusted library section
|
page readonly
|
||
|
1252000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AB2000
|
heap
|
page read and write
|
||
|
55D4000
|
trusted library section
|
page readonly
|
||
|
541B000
|
stack
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
502C000
|
stack
|
page read and write
|
||
|
1152000
|
trusted library allocation
|
page execute and read and write
|
||
|
1357000
|
heap
|
page read and write
|
||
|
5525000
|
heap
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
14FD000
|
unkown
|
page read and write
|
||
|
69E2000
|
trusted library allocation
|
page read and write
|
||
|
104A000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F2000
|
trusted library allocation
|
page read and write
|
||
|
3181000
|
trusted library allocation
|
page read and write
|
||
|
11F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
1597000
|
heap
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
5520000
|
heap
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
370D000
|
heap
|
page read and write
|
||
|
10CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F58000
|
trusted library allocation
|
page read and write
|
||
|
12D8000
|
heap
|
page read and write
|
||
|
157A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
36EA000
|
heap
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
372E000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
327F000
|
trusted library allocation
|
page read and write
|
||
|
1417000
|
trusted library allocation
|
page execute and read and write
|
||
|
1567000
|
trusted library allocation
|
page execute and read and write
|
||
|
512F000
|
trusted library allocation
|
page read and write
|
||
|
D68000
|
heap
|
page read and write
|
||
|
F38000
|
heap
|
page read and write
|
||
|
54AD000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
58AF000
|
heap
|
page read and write
|
||
|
7E9000
|
stack
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
5443000
|
heap
|
page read and write
|
||
|
13DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
530F000
|
stack
|
page read and write
|
||
|
3730000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
D26000
|
trusted library allocation
|
page execute and read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
372F000
|
heap
|
page read and write
|
||
|
66AE000
|
stack
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
373A000
|
heap
|
page read and write
|
||
|
1402000
|
trusted library allocation
|
page execute and read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
373D000
|
heap
|
page read and write
|
||
|
36F9000
|
heap
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
372F000
|
heap
|
page read and write
|
||
|
105A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
13F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
968000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
6700000
|
heap
|
page read and write
|
||
|
120A000
|
trusted library allocation
|
page execute and read and write
|
||
|
370B000
|
heap
|
page read and write
|
||
|
F12000
|
trusted library allocation
|
page execute and read and write
|
||
|
56F3000
|
heap
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
66B0000
|
heap
|
page read and write
|
||
|
5850000
|
heap
|
page read and write
|
||
|
155C000
|
trusted library allocation
|
page execute and read and write
|
||
|
373A000
|
heap
|
page read and write
|
||
|
4BAF000
|
trusted library allocation
|
page read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
523E000
|
stack
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
551E000
|
stack
|
page read and write
|
||
|
68CE000
|
heap
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
1292000
|
trusted library allocation
|
page execute and read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
537E000
|
stack
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
10E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
107B000
|
trusted library allocation
|
page execute and read and write
|
||
|
67EE000
|
stack
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
3742000
|
heap
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
1303000
|
heap
|
page read and write
|
||
|
5320000
|
unclassified section
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
1338000
|
heap
|
page read and write
|
||
|
3732000
|
heap
|
page read and write
|
||
|
6BAF000
|
stack
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
12C8000
|
heap
|
page read and write
|
||
|
36F3000
|
heap
|
page read and write
|
||
|
F39000
|
stack
|
page read and write
|
||
|
11ED000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
3261000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
heap
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
373A000
|
heap
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
5610000
|
heap
|
page read and write
|
||
|
11B5000
|
heap
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
1177000
|
trusted library allocation
|
page execute and read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
103C000
|
trusted library allocation
|
page execute and read and write
|
||
|
4141000
|
trusted library allocation
|
page read and write
|
||
|
D0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3712000
|
heap
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
36E5000
|
heap
|
page read and write
|
||
|
2E21000
|
trusted library allocation
|
page read and write
|
||
|
136B000
|
stack
|
page read and write
|
||
|
6A6E000
|
stack
|
page read and write
|
||
|
3712000
|
heap
|
page read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
5ABF000
|
heap
|
page read and write
|
||
|
D2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3253000
|
trusted library allocation
|
page read and write
|
||
|
FDA000
|
heap
|
page read and write
|
||
|
36C1000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
8C6C000
|
stack
|
page read and write
|
||
|
12EE000
|
stack
|
page read and write
|
||
|
36D4000
|
heap
|
page read and write
|
||
|
1277000
|
trusted library allocation
|
page execute and read and write
|
||
|
1077000
|
trusted library allocation
|
page execute and read and write
|
||
|
3742000
|
heap
|
page read and write
|
||
|
118A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FEB000
|
stack
|
page read and write
|
||
|
128A000
|
trusted library allocation
|
page execute and read and write
|
||
|
36AB000
|
heap
|
page read and write
|
||
|
322F000
|
trusted library allocation
|
page read and write
|
||
|
52BE000
|
stack
|
page read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
526C000
|
stack
|
page read and write
|
||
|
3790000
|
heap
|
page read and write
|
||
|
F64000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
372E000
|
heap
|
page read and write
|
||
|
36A0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
11FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
117A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A6000
|
stack
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page execute and read and write
|
||
|
115A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4AB000
|
stack
|
page read and write
|
||
|
1192000
|
trusted library allocation
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page execute and read and write
|
||
|
56D0000
|
heap
|
page read and write
|
||
|
F03000
|
heap
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
trusted library allocation
|
page read and write
|
||
|
127A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1450000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
50A0000
|
heap
|
page read and write
|
||
|
3F31000
|
trusted library allocation
|
page read and write
|
||
|
F1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
5AC2000
|
heap
|
page read and write
|
||
|
5414000
|
trusted library section
|
page readonly
|
||
|
B50000
|
heap
|
page read and write
|
||
|
EFF000
|
stack
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
1217000
|
heap
|
page read and write
|
||
|
36F3000
|
heap
|
page read and write
|
||
|
1044000
|
heap
|
page read and write
|
||
|
537B000
|
stack
|
page read and write
|
||
|
EEC000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
5ABF000
|
heap
|
page read and write
|
||
|
3798000
|
heap
|
page read and write
|
||
|
8AEE000
|
stack
|
page read and write
|
||
|
3732000
|
heap
|
page read and write
|
||
|
126B000
|
stack
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
373E000
|
heap
|
page read and write
|
||
|
6990000
|
trusted library section
|
page read and write
|
||
|
2BEF000
|
stack
|
page read and write
|
||
|
10EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
129B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3738000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page execute and read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
89EF000
|
stack
|
page read and write
|
||
|
1364000
|
stack
|
page read and write
|
||
|
36F4000
|
heap
|
page read and write
|
||
|
5ABF000
|
heap
|
page read and write
|
||
|
3712000
|
heap
|
page read and write
|
||
|
1303000
|
heap
|
page read and write
|
||
|
33E1000
|
trusted library allocation
|
page read and write
|
||
|
141B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
373C000
|
heap
|
page read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
39A1000
|
trusted library allocation
|
page read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
646E000
|
stack
|
page read and write
|
||
|
3735000
|
heap
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
370B000
|
heap
|
page read and write
|
||
|
69C0000
|
trusted library allocation
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
1188000
|
heap
|
page read and write
|
||
|
51FD000
|
stack
|
page read and write
|
There are 708 hidden memdumps, click here to show them.