Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
01vwXiyQ8K.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\01vwXiyQ8K.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\COM Services.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\01vwXiyQ8K.exe
|
"C:\Users\user\Desktop\01vwXiyQ8K.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"schtasks" /create /tn "System Services" /sc ONLOGON /tr "C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe" /rl
HIGHEST /f
|
|
|
|
C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe
|
"C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe
|
"C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"schtasks" /create /tn "System Services" /sc ONLOGON /tr "C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
unknown
|
||
|
http://schemas.datacontract.org/2004/07/d
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354sCannot
|
unknown
|
||
|
https://ipwho.is/
|
195.201.57.90
|
||
|
http://schemas.datacontract.org/2004/07/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ipwho.is
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
http://ipwho.isd
|
unknown
|
||
|
https://ipwho.is
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bkd.114250.xyz
|
111.173.106.171
|
|
|
|
ipwho.is
|
195.201.57.90
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
111.173.106.171
|
bkd.114250.xyz
|
China
|
|
|
|
195.201.57.90
|
ipwho.is
|
Germany
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\COM Services_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4C81000
|
trusted library allocation
|
page read and write
|
|
|
|
720000
|
unkown
|
page execute and read and write
|
|
|
|
8CC000
|
unkown
|
page execute and read and write
|
||
|
432E000
|
stack
|
page read and write
|
||
|
85E0000
|
trusted library allocation
|
page read and write
|
||
|
2D9E000
|
unkown
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
257A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8870000
|
trusted library allocation
|
page execute and read and write
|
||
|
49A2000
|
trusted library allocation
|
page read and write
|
||
|
7352000
|
trusted library allocation
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
255F000
|
stack
|
page read and write
|
||
|
4350000
|
trusted library allocation
|
page read and write
|
||
|
26AF000
|
stack
|
page read and write
|
||
|
8687000
|
trusted library allocation
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
7346000
|
trusted library allocation
|
page read and write
|
||
|
8570000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
47C0000
|
trusted library allocation
|
page read and write
|
||
|
86B3000
|
trusted library allocation
|
page read and write
|
||
|
4DE7000
|
trusted library allocation
|
page read and write
|
||
|
74E0000
|
heap
|
page execute and read and write
|
||
|
6D70000
|
trusted library allocation
|
page read and write
|
||
|
6E25000
|
trusted library allocation
|
page read and write
|
||
|
4931000
|
trusted library allocation
|
page read and write
|
||
|
3F05000
|
heap
|
page execute and read and write
|
||
|
237B000
|
heap
|
page read and write
|
||
|
3F00000
|
heap
|
page execute and read and write
|
||
|
2572000
|
trusted library allocation
|
page read and write
|
||
|
846B000
|
trusted library allocation
|
page read and write
|
||
|
49B5000
|
trusted library allocation
|
page read and write
|
||
|
8670000
|
trusted library allocation
|
page read and write
|
||
|
7CAF000
|
stack
|
page read and write
|
||
|
1F93000
|
unkown
|
page execute and read and write
|
||
|
7720000
|
heap
|
page read and write
|
||
|
5987000
|
trusted library allocation
|
page read and write
|
||
|
220D000
|
stack
|
page read and write
|
||
|
4130000
|
trusted library allocation
|
page execute and read and write
|
||
|
4776000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21F2000
|
heap
|
page read and write
|
||
|
8470000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
95EE000
|
stack
|
page read and write
|
||
|
4C7D000
|
trusted library allocation
|
page read and write
|
||
|
6F10000
|
trusted library allocation
|
page read and write
|
||
|
3DC0000
|
heap
|
page execute and read and write
|
||
|
4772000
|
trusted library allocation
|
page read and write
|
||
|
6F24000
|
heap
|
page read and write
|
||
|
245E000
|
heap
|
page read and write
|
||
|
214A000
|
heap
|
page read and write
|
||
|
6D02000
|
trusted library allocation
|
page read and write
|
||
|
2157000
|
heap
|
page read and write
|
||
|
2BDA000
|
stack
|
page read and write
|
||
|
47E4000
|
heap
|
page read and write
|
||
|
3F60000
|
heap
|
page execute and read and write
|
||
|
7610000
|
heap
|
page execute and read and write
|
||
|
2466000
|
trusted library allocation
|
page execute and read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
6EB0000
|
trusted library allocation
|
page read and write
|
||
|
3D32000
|
trusted library allocation
|
page read and write
|
||
|
4330000
|
trusted library allocation
|
page read and write
|
||
|
7667000
|
heap
|
page read and write
|
||
|
247B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8710000
|
trusted library allocation
|
page read and write
|
||
|
931E000
|
stack
|
page read and write
|
||
|
2470000
|
trusted library allocation
|
page read and write
|
||
|
6E6F000
|
trusted library allocation
|
page read and write
|
||
|
2472000
|
trusted library allocation
|
page read and write
|
||
|
270A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2440000
|
trusted library allocation
|
page read and write
|
||
|
44E6000
|
trusted library allocation
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
7A9E000
|
stack
|
page read and write
|
||
|
2497000
|
heap
|
page read and write
|
||
|
778B000
|
heap
|
page read and write
|
||
|
1F8A000
|
unkown
|
page execute and read and write
|
||
|
1F95000
|
unkown
|
page execute and read and write
|
||
|
3F86000
|
heap
|
page execute and read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
47D5000
|
trusted library allocation
|
page read and write
|
||
|
733E000
|
trusted library allocation
|
page read and write
|
||
|
7756000
|
heap
|
page read and write
|
||
|
4635000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E90000
|
trusted library allocation
|
page execute and read and write
|
||
|
94A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8613000
|
trusted library allocation
|
page read and write
|
||
|
8730000
|
trusted library allocation
|
page read and write
|
||
|
6D7C000
|
trusted library allocation
|
page read and write
|
||
|
2730000
|
trusted library allocation
|
page read and write
|
||
|
8580000
|
trusted library allocation
|
page read and write
|
||
|
5931000
|
trusted library allocation
|
page read and write
|
||
|
3F80000
|
heap
|
page execute and read and write
|
||
|
2570000
|
trusted library allocation
|
page read and write
|
||
|
48A0000
|
trusted library allocation
|
page read and write
|
||
|
89F0000
|
trusted library allocation
|
page read and write
|
||
|
892E000
|
stack
|
page read and write
|
||
|
8DDF000
|
stack
|
page read and write
|
||
|
446D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2235000
|
heap
|
page read and write
|
||
|
2239000
|
heap
|
page read and write
|
||
|
8A5C000
|
stack
|
page read and write
|
||
|
86E0000
|
trusted library allocation
|
page read and write
|
||
|
3F50000
|
heap
|
page read and write
|
||
|
779B000
|
heap
|
page read and write
|
||
|
2702000
|
trusted library allocation
|
page read and write
|
||
|
26F3000
|
trusted library allocation
|
page read and write
|
||
|
22EF000
|
heap
|
page read and write
|
||
|
2563000
|
trusted library allocation
|
page read and write
|
||
|
791E000
|
stack
|
page read and write
|
||
|
2712000
|
trusted library allocation
|
page read and write
|
||
|
235D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5977000
|
trusted library allocation
|
page read and write
|
||
|
2034000
|
unkown
|
page readonly
|
||
|
484F000
|
stack
|
page read and write
|
||
|
48A4000
|
trusted library allocation
|
page read and write
|
||
|
46DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4340000
|
trusted library allocation
|
page read and write
|
||
|
3F40000
|
trusted library allocation
|
page read and write
|
||
|
84D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
415B000
|
heap
|
page execute and read and write
|
||
|
2145000
|
heap
|
page read and write
|
||
|
842E000
|
trusted library allocation
|
page read and write
|
||
|
8C9F000
|
stack
|
page read and write
|
||
|
47CF000
|
trusted library allocation
|
page read and write
|
||
|
7CEA000
|
stack
|
page read and write
|
||
|
746E000
|
trusted library allocation
|
page read and write
|
||
|
24C0000
|
heap
|
page execute and read and write
|
||
|
8650000
|
trusted library allocation
|
page read and write
|
||
|
2DDE000
|
unkown
|
page read and write
|
||
|
8A00000
|
trusted library allocation
|
page read and write
|
||
|
75E0000
|
heap
|
page read and write
|
||
|
8858000
|
trusted library allocation
|
page read and write
|
||
|
5937000
|
trusted library allocation
|
page read and write
|
||
|
4DEB000
|
trusted library allocation
|
page read and write
|
||
|
8491000
|
trusted library allocation
|
page read and write
|
||
|
6EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4943000
|
trusted library allocation
|
page read and write
|
||
|
8620000
|
trusted library allocation
|
page execute and read and write
|
||
|
2110000
|
heap
|
page read and write
|
||
|
1F8A000
|
unkown
|
page execute and read and write
|
||
|
7DF0000
|
trusted library allocation
|
page read and write
|
||
|
94EE000
|
stack
|
page read and write
|
||
|
6A2C000
|
stack
|
page read and write
|
||
|
3F70000
|
heap
|
page execute and read and write
|
||
|
2040000
|
heap
|
page read and write
|
||
|
7BAE000
|
stack
|
page read and write
|
||
|
6D7F000
|
trusted library allocation
|
page read and write
|
||
|
8740000
|
trusted library allocation
|
page read and write
|
||
|
2CDA000
|
stack
|
page read and write
|
||
|
2118000
|
heap
|
page read and write
|
||
|
2208000
|
heap
|
page read and write
|
||
|
8480000
|
trusted library allocation
|
page read and write
|
||
|
3EA5000
|
heap
|
page execute and read and write
|
||
|
732B000
|
trusted library allocation
|
page read and write
|
||
|
2FBF000
|
unkown
|
page read and write
|
||
|
46BE000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B9D000
|
stack
|
page read and write
|
||
|
4C3E000
|
trusted library allocation
|
page read and write
|
||
|
4890000
|
trusted library allocation
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
76E0000
|
heap
|
page read and write
|
||
|
8520000
|
trusted library allocation
|
page read and write
|
||
|
2030000
|
unkown
|
page read and write
|
||
|
2368000
|
heap
|
page read and write
|
||
|
3D3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DEC000
|
stack
|
page read and write
|
||
|
46FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
40AE000
|
heap
|
page execute and read and write
|
||
|
2244000
|
heap
|
page read and write
|
||
|
488C000
|
stack
|
page read and write
|
||
|
3D9E000
|
stack
|
page read and write
|
||
|
3E88000
|
heap
|
page execute and read and write
|
||
|
7A5F000
|
stack
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
58C7000
|
trusted library allocation
|
page read and write
|
||
|
6D18000
|
trusted library allocation
|
page read and write
|
||
|
3F30000
|
heap
|
page execute and read and write
|
||
|
7C9F000
|
stack
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
3DA0000
|
heap
|
page read and write
|
||
|
909E000
|
stack
|
page read and write
|
||
|
84F0000
|
trusted library allocation
|
page read and write
|
||
|
3FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E1F000
|
stack
|
page read and write
|
||
|
2030000
|
unkown
|
page read and write
|
||
|
434E000
|
stack
|
page read and write
|
||
|
4515000
|
trusted library allocation
|
page read and write
|
||
|
8C5D000
|
stack
|
page read and write
|
||
|
77B9000
|
heap
|
page read and write
|
||
|
401B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4800000
|
trusted library allocation
|
page read and write
|
||
|
245D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7440000
|
trusted library allocation
|
page execute and read and write
|
||
|
5971000
|
trusted library allocation
|
page read and write
|
||
|
443B000
|
trusted library allocation
|
page execute and read and write
|
||
|
220C000
|
heap
|
page read and write
|
||
|
2353000
|
trusted library allocation
|
page execute and read and write
|
||
|
7656000
|
heap
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
46CF000
|
trusted library allocation
|
page execute and read and write
|
||
|
7620000
|
heap
|
page read and write
|
||
|
7D1E000
|
stack
|
page read and write
|
||
|
7CDF000
|
stack
|
page read and write
|
||
|
2444000
|
trusted library allocation
|
page read and write
|
||
|
45AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
44AE000
|
trusted library allocation
|
page execute and read and write
|
||
|
9490000
|
heap
|
page read and write
|
||
|
7DDF000
|
stack
|
page read and write
|
||
|
402000
|
unkown
|
page execute and write copy
|
||
|
24A0000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
86A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23A7000
|
heap
|
page read and write
|
||
|
40A8000
|
trusted library allocation
|
page read and write
|
||
|
21A7000
|
heap
|
page read and write
|
||
|
2425000
|
heap
|
page read and write
|
||
|
6D3B000
|
trusted library allocation
|
page read and write
|
||
|
84C0000
|
trusted library allocation
|
page read and write
|
||
|
212B000
|
heap
|
page read and write
|
||
|
3DC8000
|
heap
|
page execute and read and write
|
||
|
8B59000
|
stack
|
page read and write
|
||
|
2453000
|
trusted library allocation
|
page read and write
|
||
|
85ED000
|
trusted library allocation
|
page read and write
|
||
|
2576000
|
trusted library allocation
|
page execute and read and write
|
||
|
455E000
|
heap
|
page execute and read and write
|
||
|
4728000
|
heap
|
page execute and read and write
|
||
|
458E000
|
trusted library allocation
|
page execute and read and write
|
||
|
2477000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EE0000
|
heap
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
1F74000
|
unkown
|
page execute and read and write
|
||
|
3E68000
|
heap
|
page execute and read and write
|
||
|
2706000
|
trusted library allocation
|
page execute and read and write
|
||
|
215E000
|
stack
|
page read and write
|
||
|
202B000
|
unkown
|
page execute and read and write
|
||
|
6D51000
|
trusted library allocation
|
page read and write
|
||
|
3F90000
|
heap
|
page execute and read and write
|
||
|
47B0000
|
trusted library allocation
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
48B0000
|
heap
|
page read and write
|
||
|
4140000
|
trusted library allocation
|
page read and write
|
||
|
259D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8660000
|
trusted library allocation
|
page read and write
|
||
|
91DE000
|
stack
|
page read and write
|
||
|
496F000
|
stack
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
2030000
|
unkown
|
page read and write
|
||
|
741F000
|
trusted library allocation
|
page read and write
|
||
|
734D000
|
trusted library allocation
|
page read and write
|
||
|
6D5D000
|
trusted library allocation
|
page read and write
|
||
|
2180000
|
heap
|
page read and write
|
||
|
7B9E000
|
stack
|
page read and write
|
||
|
8CDE000
|
stack
|
page read and write
|
||
|
8760000
|
trusted library allocation
|
page read and write
|
||
|
2515000
|
trusted library allocation
|
page read and write
|
||
|
499B000
|
trusted library allocation
|
page read and write
|
||
|
1F74000
|
unkown
|
page execute and read and write
|
||
|
89EE000
|
stack
|
page read and write
|
||
|
8610000
|
trusted library allocation
|
page read and write
|
||
|
86F0000
|
trusted library allocation
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
2040000
|
heap
|
page read and write
|
||
|
497C000
|
trusted library allocation
|
page read and write
|
||
|
2593000
|
trusted library allocation
|
page execute and read and write
|
||
|
238E000
|
heap
|
page read and write
|
||
|
896F000
|
stack
|
page read and write
|
||
|
6D62000
|
trusted library allocation
|
page read and write
|
||
|
88D0000
|
trusted library allocation
|
page read and write
|
||
|
4466000
|
trusted library allocation
|
page execute and read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
3D37000
|
trusted library allocation
|
page execute and read and write
|
||
|
2420000
|
unclassified section
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
256D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4144000
|
trusted library allocation
|
page read and write
|
||
|
7410000
|
trusted library allocation
|
page read and write
|
||
|
244D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EC0000
|
trusted library allocation
|
page read and write
|
||
|
86D0000
|
trusted library allocation
|
page read and write
|
||
|
88C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
243E000
|
heap
|
page read and write
|
||
|
8655000
|
trusted library allocation
|
page read and write
|
||
|
218E000
|
stack
|
page read and write
|
||
|
1938000
|
unkown
|
page execute and read and write
|
||
|
4355000
|
trusted library allocation
|
page read and write
|
||
|
3F50000
|
heap
|
page execute and read and write
|
||
|
47F0000
|
heap
|
page execute and read and write
|
||
|
21A3000
|
heap
|
page read and write
|
||
|
75A0000
|
heap
|
page read and write
|
||
|
74A0000
|
heap
|
page read and write
|
||
|
48C1000
|
trusted library allocation
|
page read and write
|
||
|
7B5F000
|
stack
|
page read and write
|
||
|
6E30000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
3E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
856C000
|
trusted library allocation
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
7738000
|
heap
|
page read and write
|
||
|
8720000
|
trusted library allocation
|
page read and write
|
||
|
7BDE000
|
stack
|
page read and write
|
||
|
2160000
|
heap
|
page read and write
|
||
|
2340000
|
trusted library allocation
|
page read and write
|
||
|
43C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F95000
|
unkown
|
page execute and read and write
|
||
|
1F8A000
|
unkown
|
page execute and read and write
|
||
|
23FF000
|
stack
|
page read and write
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
3E38000
|
heap
|
page execute and read and write
|
||
|
46AE000
|
trusted library allocation
|
page execute and read and write
|
||
|
4448000
|
trusted library allocation
|
page execute and read and write
|
||
|
2032000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1802000
|
unkown
|
page execute and write copy
|
||
|
6A6E000
|
stack
|
page read and write
|
||
|
2510000
|
trusted library allocation
|
page read and write
|
||
|
2197000
|
heap
|
page read and write
|
||
|
2710000
|
trusted library allocation
|
page read and write
|
||
|
8640000
|
trusted library allocation
|
page read and write
|
||
|
74B0000
|
trusted library allocation
|
page read and write
|
||
|
26ED000
|
stack
|
page read and write
|
||
|
7A6E000
|
stack
|
page read and write
|
||
|
6F20000
|
heap
|
page read and write
|
||
|
2C9D000
|
stack
|
page read and write
|
||
|
486E000
|
stack
|
page read and write
|
||
|
2594000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
4820000
|
heap
|
page read and write
|
||
|
256E000
|
stack
|
page read and write
|
||
|
8700000
|
trusted library allocation
|
page execute and read and write
|
||
|
437E000
|
heap
|
page execute and read and write
|
||
|
919F000
|
stack
|
page read and write
|
||
|
23EF000
|
heap
|
page read and write
|
||
|
40CB000
|
heap
|
page execute and read and write
|
||
|
3ED5000
|
heap
|
page execute and read and write
|
||
|
44C0000
|
trusted library allocation
|
page read and write
|
||
|
2430000
|
trusted library allocation
|
page read and write
|
||
|
5935000
|
trusted library allocation
|
page read and write
|
||
|
7CDE000
|
stack
|
page read and write
|
||
|
3D30000
|
trusted library allocation
|
page read and write
|
||
|
8510000
|
trusted library allocation
|
page read and write
|
||
|
69BC000
|
stack
|
page read and write
|
||
|
8600000
|
trusted library allocation
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page read and write
|
||
|
2462000
|
trusted library allocation
|
page read and write
|
||
|
3E35000
|
heap
|
page execute and read and write
|
||
|
6D4E000
|
trusted library allocation
|
page read and write
|
||
|
3D50000
|
trusted library allocation
|
page read and write
|
||
|
453E000
|
heap
|
page execute and read and write
|
||
|
46D9000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C7000
|
heap
|
page execute and read and write
|
||
|
21F0000
|
trusted library allocation
|
page read and write
|
||
|
8770000
|
trusted library allocation
|
page execute and read and write
|
||
|
8500000
|
trusted library allocation
|
page read and write
|
||
|
6F00000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page execute and read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
765E000
|
heap
|
page read and write
|
||
|
419D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4500000
|
trusted library allocation
|
page read and write
|
||
|
2717000
|
trusted library allocation
|
page execute and read and write
|
||
|
22E6000
|
heap
|
page read and write
|
||
|
8560000
|
trusted library allocation
|
page read and write
|
||
|
9460000
|
heap
|
page read and write
|
||
|
6E7F000
|
trusted library allocation
|
page read and write
|
||
|
E02000
|
unkown
|
page execute and write copy
|
||
|
250E000
|
stack
|
page read and write
|
||
|
44EC000
|
trusted library allocation
|
page read and write
|
||
|
795E000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
46FE000
|
trusted library allocation
|
page execute and read and write
|
||
|
229F000
|
heap
|
page read and write
|
||
|
4360000
|
trusted library allocation
|
page read and write
|
||
|
4C22000
|
trusted library allocation
|
page read and write
|
||
|
303F000
|
stack
|
page read and write
|
||
|
233F000
|
stack
|
page read and write
|
||
|
6D00000
|
trusted library allocation
|
page read and write
|
||
|
84A0000
|
trusted library allocation
|
page read and write
|
||
|
88E0000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page read and write
|
||
|
2354000
|
trusted library allocation
|
page read and write
|
||
|
4C34000
|
trusted library allocation
|
page read and write
|
||
|
4520000
|
trusted library allocation
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
24B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
444B000
|
trusted library allocation
|
page execute and read and write
|
||
|
446A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A5E000
|
stack
|
page read and write
|
||
|
47D0000
|
trusted library allocation
|
page read and write
|
||
|
8550000
|
trusted library allocation
|
page read and write
|
||
|
941B000
|
stack
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
92DE000
|
stack
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
3197000
|
heap
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
4DEF000
|
trusted library allocation
|
page read and write
|
||
|
6D56000
|
trusted library allocation
|
page read and write
|
||
|
2105000
|
heap
|
page read and write
|
||
|
476C000
|
stack
|
page read and write
|
||
|
2030000
|
unkown
|
page write copy
|
||
|
202D000
|
unkown
|
page execute and read and write
|
||
|
871D000
|
trusted library allocation
|
page read and write
|
||
|
21CE000
|
stack
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
3E90000
|
heap
|
page execute and read and write
|
||
|
8680000
|
trusted library allocation
|
page read and write
|
||
|
21CE000
|
stack
|
page read and write
|
||
|
7A2F000
|
stack
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
46BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
8780000
|
trusted library allocation
|
page read and write
|
||
|
89AE000
|
stack
|
page read and write
|
||
|
3DD8000
|
trusted library allocation
|
page read and write
|
||
|
30EB000
|
heap
|
page read and write
|
||
|
8630000
|
trusted library allocation
|
page read and write
|
||
|
8750000
|
trusted library allocation
|
page read and write
|
||
|
7796000
|
heap
|
page read and write
|
||
|
48A6000
|
trusted library allocation
|
page read and write
|
||
|
6E70000
|
trusted library allocation
|
page read and write
|
||
|
3E98000
|
heap
|
page execute and read and write
|
||
|
7B9F000
|
stack
|
page read and write
|
||
|
3F80000
|
trusted library allocation
|
page read and write
|
||
|
4CB9000
|
trusted library allocation
|
page read and write
|
||
|
4548000
|
heap
|
page execute and read and write
|
||
|
75E0000
|
heap
|
page read and write
|
||
|
58C5000
|
trusted library allocation
|
page read and write
|
||
|
6E60000
|
heap
|
page execute and read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
6E60000
|
trusted library allocation
|
page read and write
|
||
|
3EF5000
|
heap
|
page execute and read and write
|
||
|
6EBD000
|
trusted library allocation
|
page read and write
|
||
|
84B0000
|
trusted library allocation
|
page read and write
|
||
|
792E000
|
stack
|
page read and write
|
||
|
76E0000
|
heap
|
page read and write
|
||
|
58C1000
|
trusted library allocation
|
page read and write
|
||
|
6D34000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7A1F000
|
stack
|
page read and write
|
||
|
2040000
|
heap
|
page read and write
|
||
|
85F0000
|
trusted library allocation
|
page read and write
|
||
|
7324000
|
trusted library allocation
|
page read and write
|
||
|
4654000
|
trusted library allocation
|
page execute and read and write
|
||
|
40B2000
|
heap
|
page execute and read and write
|
||
|
86B0000
|
trusted library allocation
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page execute and read and write
|
||
|
4510000
|
trusted library allocation
|
page read and write
|
||
|
6D06000
|
trusted library allocation
|
page read and write
|
||
|
4C1A000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
2700000
|
trusted library allocation
|
page read and write
|
||
|
2207000
|
heap
|
page read and write
|
||
|
8540000
|
trusted library allocation
|
page execute and read and write
|
||
|
4794000
|
trusted library allocation
|
page read and write
|
||
|
4287000
|
heap
|
page execute and read and write
|
||
|
58D1000
|
trusted library allocation
|
page read and write
|
||
|
46CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D30000
|
trusted library allocation
|
page read and write
|
||
|
2443000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D6000
|
heap
|
page read and write
|
||
|
241D000
|
stack
|
page read and write
|
||
|
22C8000
|
heap
|
page read and write
|
||
|
20F0000
|
unclassified section
|
page read and write
|
||
|
445D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2246000
|
heap
|
page read and write
|
||
|
221B000
|
heap
|
page read and write
|
||
|
23A5000
|
heap
|
page read and write
|
||
|
271B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5997000
|
trusted library allocation
|
page read and write
|
||
|
400D000
|
trusted library allocation
|
page execute and read and write
|
||
|
246A000
|
trusted library allocation
|
page execute and read and write
|
||
|
239A000
|
heap
|
page read and write
|
||
|
492F000
|
stack
|
page read and write
|
||
|
4C07000
|
trusted library allocation
|
page read and write
|
||
|
F38000
|
unkown
|
page execute and read and write
|
||
|
8530000
|
trusted library allocation
|
page read and write
|
||
|
431C000
|
trusted library allocation
|
page execute and read and write
|
||
|
26FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F7E000
|
unkown
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
4788000
|
trusted library allocation
|
page read and write
|
||
|
5941000
|
trusted library allocation
|
page read and write
|
||
|
3F20000
|
heap
|
page read and write
|
||
|
3F70000
|
trusted library allocation
|
page read and write
|
||
|
4DED000
|
trusted library allocation
|
page read and write
|
||
|
1F74000
|
unkown
|
page execute and read and write
|
||
|
3EB8000
|
trusted library allocation
|
page read and write
|
||
|
865A000
|
trusted library allocation
|
page read and write
|
||
|
2350000
|
trusted library allocation
|
page read and write
|
||
|
4C04000
|
trusted library allocation
|
page read and write
|
||
|
46DF000
|
trusted library allocation
|
page execute and read and write
|
||
|
7341000
|
trusted library allocation
|
page read and write
|
||
|
4335000
|
trusted library allocation
|
page read and write
|
||
|
6EE4000
|
heap
|
page read and write
|
||
|
4283000
|
heap
|
page execute and read and write
|
||
|
7B6F000
|
stack
|
page read and write
|
||
|
8690000
|
trusted library allocation
|
page read and write
|
||
|
597D000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
trusted library allocation
|
page read and write
|
||
|
86B5000
|
trusted library allocation
|
page read and write
|
||
|
4998000
|
trusted library allocation
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
3F9F000
|
heap
|
page execute and read and write
|
||
|
435E000
|
heap
|
page execute and read and write
|
||
|
4150000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D24000
|
trusted library allocation
|
page read and write
|
||
|
84E0000
|
trusted library allocation
|
page read and write
|
||
|
41BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
47CC000
|
trusted library allocation
|
page read and write
|
||
|
2577000
|
heap
|
page read and write
|
||
|
46DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
47A0000
|
trusted library allocation
|
page read and write
|
There are 513 hidden memdumps, click here to show them.