Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
0000003448.pdf.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_0000003448.pdf.e_e15196a8f0eb2511ce4747ffb907bdc14423242_a04c5d31_4c6ecd60-570c-451f-8116-ae129e58bb7d\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER97AA.tmp.dmp
|
Mini DuMP crash report, 16 streams, Mon May 27 10:42:46 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9922.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9962.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\0000003448.pdf.exe
|
"C:\Users\user\Desktop\0000003448.pdf.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\regasm.exe"
|
|
|
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2520 -s 1084
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://drconstrucciones.es
|
unknown
|
||
|
http://mail.drconstrucciones.es
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
drconstrucciones.es
|
185.5.126.24
|
|
|
|
mail.drconstrucciones.es
|
unknown
|
|
|
|
api.ipify.org
|
104.26.13.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.5.126.24
|
drconstrucciones.es
|
Spain
|
|
|
|
104.26.13.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regasm_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
ProgramId
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
FileId
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
LongPathHash
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
Name
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
OriginalFileName
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
Publisher
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
Version
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
BinFileVersion
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
BinaryType
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
ProductName
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
ProductVersion
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
LinkDate
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
BinProductVersion
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
Size
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
Language
|
||
|
\REGISTRY\A\{59b3fee4-8e1d-d082-095c-f67908fbb7f1}\Root\InventoryApplicationFile\0000003448.pdf.e|163a3774a8e712e0
|
Usn
|
There are 24 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
317B000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2475EA97000
|
trusted library allocation
|
page read and write
|
|
|
|
2474EB52000
|
trusted library allocation
|
page read and write
|
|
|
|
5696000
|
trusted library allocation
|
page read and write
|
||
|
6C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3162000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACD70000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
heap
|
page execute and read and write
|
||
|
2474CEFB000
|
heap
|
page read and write
|
||
|
7FFAACD50000
|
trusted library allocation
|
page read and write
|
||
|
65DA000
|
heap
|
page read and write
|
||
|
1405000
|
heap
|
page read and write
|
||
|
3600000
|
trusted library allocation
|
page read and write
|
||
|
3602000
|
trusted library allocation
|
page read and write
|
||
|
642D000
|
stack
|
page read and write
|
||
|
F5EA5FD000
|
stack
|
page read and write
|
||
|
56A2000
|
trusted library allocation
|
page read and write
|
||
|
4131000
|
trusted library allocation
|
page read and write
|
||
|
34B8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC70000
|
trusted library allocation
|
page execute and read and write
|
||
|
24767322000
|
heap
|
page read and write
|
||
|
5D2C000
|
stack
|
page read and write
|
||
|
57C0000
|
heap
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
2476731F000
|
heap
|
page read and write
|
||
|
F5EA4FE000
|
stack
|
page read and write
|
||
|
1461000
|
heap
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
7FFB08821000
|
unkown
|
page execute read
|
||
|
2474CED3000
|
heap
|
page read and write
|
||
|
F5EA1FC000
|
stack
|
page read and write
|
||
|
52CD000
|
stack
|
page read and write
|
||
|
7FFB08836000
|
unkown
|
page readonly
|
||
|
2474CF64000
|
heap
|
page read and write
|
||
|
F5E9BA3000
|
stack
|
page read and write
|
||
|
7FFAACBDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EDF1000
|
unkown
|
page execute read
|
||
|
2474D140000
|
heap
|
page read and write
|
||
|
67BD000
|
stack
|
page read and write
|
||
|
423C000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
580C000
|
stack
|
page read and write
|
||
|
95B7000
|
trusted library allocation
|
page read and write
|
||
|
7F4C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACD80000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE20000
|
trusted library allocation
|
page read and write
|
||
|
959E000
|
trusted library allocation
|
page read and write
|
||
|
2474CE50000
|
heap
|
page read and write
|
||
|
6432000
|
heap
|
page read and write
|
||
|
2474CED1000
|
heap
|
page read and write
|
||
|
145E000
|
heap
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
7FF428410000
|
trusted library allocation
|
page execute and read and write
|
||
|
6485000
|
heap
|
page read and write
|
||
|
364E000
|
trusted library allocation
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
330A000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACDD9000
|
trusted library allocation
|
page read and write
|
||
|
6B80000
|
trusted library allocation
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
33BD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB08820000
|
unkown
|
page readonly
|
||
|
F5EA3FE000
|
stack
|
page read and write
|
||
|
95CB000
|
trusted library allocation
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC66000
|
trusted library allocation
|
page read and write
|
||
|
2474CD72000
|
unkown
|
page readonly
|
||
|
42BC000
|
trusted library allocation
|
page read and write
|
||
|
2474CE9C000
|
heap
|
page read and write
|
||
|
651F000
|
heap
|
page read and write
|
||
|
7FFAACC96000
|
trusted library allocation
|
page execute and read and write
|
||
|
958B000
|
trusted library allocation
|
page read and write
|
||
|
1860000
|
heap
|
page read and write
|
||
|
2474EA80000
|
heap
|
page read and write
|
||
|
6BE6000
|
trusted library allocation
|
page read and write
|
||
|
2474EA89000
|
heap
|
page read and write
|
||
|
2474D145000
|
heap
|
page read and write
|
||
|
6E9C000
|
stack
|
page read and write
|
||
|
F5EA0FE000
|
stack
|
page read and write
|
||
|
1454000
|
heap
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
2474EB1C000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2474E8F9000
|
heap
|
page read and write
|
||
|
340D000
|
trusted library allocation
|
page read and write
|
||
|
5682000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
95A3000
|
trusted library allocation
|
page read and write
|
||
|
6CF0000
|
trusted library allocation
|
page read and write
|
||
|
369B000
|
trusted library allocation
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
6461000
|
heap
|
page read and write
|
||
|
7FFAACC0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
569D000
|
trusted library allocation
|
page read and write
|
||
|
1692000
|
trusted library allocation
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
9A47000
|
heap
|
page read and write
|
||
|
5BAC000
|
stack
|
page read and write
|
||
|
95D0000
|
trusted library allocation
|
page read and write
|
||
|
567B000
|
trusted library allocation
|
page read and write
|
||
|
6523000
|
heap
|
page read and write
|
||
|
7FFAACE30000
|
trusted library allocation
|
page read and write
|
||
|
6BF0000
|
trusted library allocation
|
page read and write
|
||
|
5660000
|
heap
|
page execute and read and write
|
||
|
7FFAACBDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
419B000
|
trusted library allocation
|
page read and write
|
||
|
348B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE00000
|
trusted library allocation
|
page read and write
|
||
|
652B000
|
heap
|
page read and write
|
||
|
31F3000
|
trusted library allocation
|
page read and write
|
||
|
3296000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
2474D0C0000
|
trusted library section
|
page read and write
|
||
|
2474EBDC000
|
trusted library allocation
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
2475EA91000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBD0000
|
trusted library allocation
|
page read and write
|
||
|
3169000
|
trusted library allocation
|
page read and write
|
||
|
3486000
|
trusted library allocation
|
page read and write
|
||
|
2474CE00000
|
heap
|
page read and write
|
||
|
15EB000
|
stack
|
page read and write
|
||
|
425C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB08842000
|
unkown
|
page readonly
|
||
|
2474D0A3000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page execute and read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBC0000
|
trusted library allocation
|
page read and write
|
||
|
3461000
|
trusted library allocation
|
page read and write
|
||
|
15AC000
|
stack
|
page read and write
|
||
|
1673000
|
trusted library allocation
|
page execute and read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
99C9000
|
heap
|
page read and write
|
||
|
1696000
|
trusted library allocation
|
page execute and read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
64DC000
|
heap
|
page read and write
|
||
|
3526000
|
trusted library allocation
|
page read and write
|
||
|
2F7C000
|
stack
|
page read and write
|
||
|
7FFAACE10000
|
trusted library allocation
|
page read and write
|
||
|
155F000
|
stack
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
7FFAACD9A000
|
trusted library allocation
|
page read and write
|
||
|
3177000
|
trusted library allocation
|
page read and write
|
||
|
6BDD000
|
stack
|
page read and write
|
||
|
2474CD7E000
|
unkown
|
page readonly
|
||
|
2474D120000
|
heap
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
568E000
|
trusted library allocation
|
page read and write
|
||
|
42DC000
|
trusted library allocation
|
page read and write
|
||
|
2474CEBE000
|
heap
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
9A5F000
|
heap
|
page read and write
|
||
|
95C6000
|
trusted library allocation
|
page read and write
|
||
|
6B90000
|
trusted library allocation
|
page read and write
|
||
|
9A6E000
|
heap
|
page read and write
|
||
|
567E000
|
trusted library allocation
|
page read and write
|
||
|
9990000
|
heap
|
page read and write
|
||
|
9992000
|
heap
|
page read and write
|
||
|
6EE0F000
|
unkown
|
page readonly
|
||
|
7FFAACDB0000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
5138000
|
trusted library allocation
|
page read and write
|
||
|
7380000
|
heap
|
page read and write
|
||
|
5AAC000
|
stack
|
page read and write
|
||
|
F5EA2FF000
|
stack
|
page read and write
|
||
|
2474CF04000
|
heap
|
page read and write
|
||
|
31FA000
|
trusted library allocation
|
page read and write
|
||
|
2474EE0D000
|
trusted library allocation
|
page read and write
|
||
|
95DF000
|
trusted library allocation
|
page read and write
|
||
|
3131000
|
trusted library allocation
|
page read and write
|
||
|
958F000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACD90000
|
trusted library allocation
|
page read and write
|
||
|
6C9E000
|
stack
|
page read and write
|
||
|
7FFB08840000
|
unkown
|
page read and write
|
||
|
7FFAACBB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3332000
|
trusted library allocation
|
page read and write
|
||
|
2474EA91000
|
trusted library allocation
|
page read and write
|
||
|
8390000
|
heap
|
page read and write
|
||
|
7FFAACD7F000
|
trusted library allocation
|
page read and write
|
||
|
9A3A000
|
heap
|
page read and write
|
||
|
3411000
|
trusted library allocation
|
page read and write
|
||
|
5640000
|
trusted library allocation
|
page read and write
|
||
|
3576000
|
trusted library allocation
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE3B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBD4000
|
trusted library allocation
|
page read and write
|
||
|
9A38000
|
heap
|
page read and write
|
||
|
9AA1000
|
heap
|
page read and write
|
||
|
7FFAACDA0000
|
trusted library allocation
|
page read and write
|
||
|
2474CE90000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
169A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACDDD000
|
trusted library allocation
|
page read and write
|
||
|
6B8D000
|
trusted library allocation
|
page read and write
|
||
|
14E7000
|
heap
|
page read and write
|
||
|
1847000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BEC000
|
stack
|
page read and write
|
||
|
95C1000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
9599000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
24766AC0000
|
trusted library allocation
|
page read and write
|
||
|
4159000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7090000
|
trusted library allocation
|
page execute and read and write
|
||
|
163B000
|
stack
|
page read and write
|
||
|
7FFAACCD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7080000
|
trusted library allocation
|
page read and write
|
||
|
F1A000
|
stack
|
page read and write
|
||
|
3552000
|
trusted library allocation
|
page read and write
|
||
|
168D000
|
trusted library allocation
|
page execute and read and write
|
||
|
142B000
|
heap
|
page read and write
|
||
|
F5E9EFE000
|
stack
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
9A7F000
|
heap
|
page read and write
|
||
|
427C000
|
trusted library allocation
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
7FFAACC60000
|
trusted library allocation
|
page read and write
|
||
|
9594000
|
trusted library allocation
|
page read and write
|
||
|
5CEC000
|
stack
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
316B000
|
trusted library allocation
|
page read and write
|
||
|
1842000
|
trusted library allocation
|
page read and write
|
||
|
2474EA40000
|
heap
|
page execute and read and write
|
||
|
7FFAACBCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACE40000
|
trusted library allocation
|
page read and write
|
||
|
2474CD70000
|
unkown
|
page readonly
|
||
|
A18F000
|
stack
|
page read and write
|
||
|
5A6D000
|
stack
|
page read and write
|
||
|
95BC000
|
trusted library allocation
|
page read and write
|
||
|
2474D0A0000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
6B78000
|
trusted library allocation
|
page read and write
|
||
|
14F5000
|
heap
|
page read and write
|
||
|
6CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACDC0000
|
trusted library allocation
|
page read and write
|
||
|
2474D0E0000
|
heap
|
page execute and read and write
|
||
|
3578000
|
trusted library allocation
|
page read and write
|
||
|
41FC000
|
trusted library allocation
|
page read and write
|
||
|
6B97000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBC2000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
2474D070000
|
trusted library allocation
|
page read and write
|
||
|
32DE000
|
trusted library allocation
|
page read and write
|
||
|
16A7000
|
heap
|
page read and write
|
||
|
2474CEBC000
|
heap
|
page read and write
|
||
|
2474D090000
|
trusted library allocation
|
page read and write
|
||
|
41BC000
|
trusted library allocation
|
page read and write
|
||
|
95D5000
|
trusted library allocation
|
page read and write
|
||
|
364A000
|
trusted library allocation
|
page read and write
|
||
|
95AD000
|
trusted library allocation
|
page read and write
|
||
|
310C000
|
stack
|
page read and write
|
||
|
590C000
|
stack
|
page read and write
|
||
|
6450000
|
heap
|
page read and write
|
||
|
6CDC000
|
stack
|
page read and write
|
||
|
34B6000
|
trusted library allocation
|
page read and write
|
||
|
1845000
|
trusted library allocation
|
page execute and read and write
|
||
|
429C000
|
trusted library allocation
|
page read and write
|
||
|
2474CE10000
|
heap
|
page read and write
|
||
|
1674000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
99F3000
|
heap
|
page read and write
|
||
|
340F000
|
trusted library allocation
|
page read and write
|
||
|
65D0000
|
heap
|
page read and write
|
||
|
8A8C000
|
stack
|
page read and write
|
||
|
705C000
|
stack
|
page read and write
|
||
|
999D000
|
heap
|
page read and write
|
||
|
7FFB08845000
|
unkown
|
page readonly
|
||
|
6BE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACD60000
|
trusted library allocation
|
page read and write
|
||
|
6630000
|
heap
|
page read and write
|
||
|
6EDF0000
|
unkown
|
page readonly
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
184B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2474CE30000
|
heap
|
page read and write
|
||
|
70A0000
|
heap
|
page read and write
|
||
|
7FFAACBBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACBB0000
|
trusted library allocation
|
page read and write
|
||
|
9AA5000
|
heap
|
page read and write
|
||
|
6EE06000
|
unkown
|
page readonly
|
||
|
6B5E000
|
stack
|
page read and write
|
||
|
7FFAACDE0000
|
trusted library allocation
|
page read and write
|
||
|
167D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6430000
|
heap
|
page read and write
|
||
|
6F5C000
|
stack
|
page read and write
|
||
|
95A8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACDD0000
|
trusted library allocation
|
page read and write
|
||
|
64D2000
|
heap
|
page read and write
|
||
|
2474D110000
|
heap
|
page read and write
|
||
|
7FFAACDEA000
|
trusted library allocation
|
page read and write
|
||
|
247672E0000
|
heap
|
page read and write
|
||
|
2474CECF000
|
heap
|
page read and write
|
||
|
6B70000
|
trusted library allocation
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
83A0000
|
heap
|
page read and write
|
||
|
F5E9FFE000
|
stack
|
page read and write
|
||
|
7FFAACBB4000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
35BD000
|
trusted library allocation
|
page read and write
|
||
|
68FE000
|
stack
|
page read and write
|
||
|
95DA000
|
trusted library allocation
|
page read and write
|
||
|
41DC000
|
trusted library allocation
|
page read and write
|
||
|
34DC000
|
trusted library allocation
|
page read and write
|
||
|
57C4000
|
heap
|
page read and write
|
||
|
95B2000
|
trusted library allocation
|
page read and write
|
||
|
1866000
|
heap
|
page read and write
|
||
|
24767250000
|
trusted library section
|
page read and write
|
||
|
3675000
|
trusted library allocation
|
page read and write
|
||
|
5691000
|
trusted library allocation
|
page read and write
|
||
|
2474D115000
|
heap
|
page read and write
|
There are 307 hidden memdumps, click here to show them.