Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Copy#51007602.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\itdtn.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Copy#51007602.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\itdtn.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Copy#51007602.exe
|
"C:\Users\user\Desktop\Copy#51007602.exe"
|
|
|
|
C:\Users\user\Desktop\Copy#51007602.exe
|
"C:\Users\user\Desktop\Copy#51007602.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\itdtn.exe
|
"C:\Users\user\AppData\Roaming\itdtn.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\itdtn.exe
|
"C:\Users\user\AppData\Roaming\itdtn.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
https://github.com/mgravell/protobuf-net
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://jahnindustry.shop
|
unknown
|
||
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
jahnindustry.shop
|
66.29.151.236
|
|
|
|
api.ipify.org
|
104.26.13.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
66.29.151.236
|
jahnindustry.shop
|
United States
|
|
|
|
104.26.13.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
itdtn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Copy#51007602_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\itdtn_RASMANCS
|
FileDirectory
|
There are 20 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
32E1000
|
trusted library allocation
|
page read and write
|
|
|
|
50D0000
|
trusted library section
|
page read and write
|
|
|
|
4CA6000
|
trusted library allocation
|
page read and write
|
|
|
|
45DE000
|
trusted library allocation
|
page read and write
|
|
|
|
5056000
|
trusted library allocation
|
page read and write
|
|
|
|
5400000
|
trusted library section
|
page read and write
|
|
|
|
3633000
|
trusted library allocation
|
page read and write
|
|
|
|
4DBE000
|
trusted library allocation
|
page read and write
|
|
|
|
3347000
|
trusted library allocation
|
page read and write
|
|
|
|
3321000
|
trusted library allocation
|
page read and write
|
|
|
|
4D1E000
|
trusted library allocation
|
page read and write
|
|
|
|
3371000
|
trusted library allocation
|
page read and write
|
|
|
|
42F000
|
remote allocation
|
page execute and read and write
|
|
|
|
3991000
|
trusted library allocation
|
page read and write
|
|
|
|
4391000
|
trusted library allocation
|
page read and write
|
|
|
|
4CCE000
|
trusted library allocation
|
page read and write
|
|
|
|
2B74000
|
trusted library allocation
|
page read and write
|
|
|
|
3307000
|
trusted library allocation
|
page read and write
|
|
|
|
29B0000
|
trusted library allocation
|
page read and write
|
||
|
305D000
|
stack
|
page read and write
|
||
|
2B32000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page execute and read and write
|
||
|
17D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
31B3000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
18C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
18C4000
|
trusted library allocation
|
page read and write
|
||
|
419000
|
remote allocation
|
page execute and read and write
|
||
|
4F89000
|
trusted library allocation
|
page read and write
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
A45000
|
heap
|
page read and write
|
||
|
1A80000
|
trusted library allocation
|
page read and write
|
||
|
DBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B21000
|
trusted library allocation
|
page read and write
|
||
|
40F000
|
remote allocation
|
page execute and read and write
|
||
|
6BAE000
|
stack
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
331E000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
trusted library allocation
|
page read and write
|
||
|
2B57000
|
trusted library allocation
|
page read and write
|
||
|
29B6000
|
trusted library allocation
|
page read and write
|
||
|
6F5E000
|
stack
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
684D000
|
stack
|
page read and write
|
||
|
17F2000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
428000
|
remote allocation
|
page execute and read and write
|
||
|
29B8000
|
trusted library allocation
|
page read and write
|
||
|
5B6C000
|
heap
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
42D1000
|
trusted library allocation
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
320F000
|
trusted library allocation
|
page read and write
|
||
|
3160000
|
heap
|
page execute and read and write
|
||
|
57F0000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
29E2000
|
trusted library allocation
|
page read and write
|
||
|
5B49000
|
trusted library allocation
|
page read and write
|
||
|
5D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
2E10000
|
trusted library allocation
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page read and write
|
||
|
331A000
|
trusted library allocation
|
page read and write
|
||
|
2B53000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
5EDE000
|
stack
|
page read and write
|
||
|
45F2000
|
trusted library allocation
|
page read and write
|
||
|
32CF000
|
trusted library allocation
|
page read and write
|
||
|
3174000
|
trusted library allocation
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
5B92000
|
heap
|
page read and write
|
||
|
6F4E000
|
stack
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
DB2000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
1482000
|
heap
|
page read and write
|
||
|
17C0000
|
trusted library allocation
|
page read and write
|
||
|
57CE000
|
trusted library allocation
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
281C000
|
heap
|
page read and write
|
||
|
336B000
|
trusted library allocation
|
page read and write
|
||
|
5D2F000
|
stack
|
page read and write
|
||
|
5314000
|
heap
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
5D0A000
|
trusted library allocation
|
page read and write
|
||
|
57D1000
|
trusted library allocation
|
page read and write
|
||
|
2B36000
|
trusted library allocation
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
32C6000
|
trusted library allocation
|
page read and write
|
||
|
5D5E000
|
stack
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
15E7000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
2B3A000
|
trusted library allocation
|
page read and write
|
||
|
423000
|
remote allocation
|
page execute and read and write
|
||
|
418000
|
remote allocation
|
page execute and read and write
|
||
|
31FA000
|
trusted library allocation
|
page read and write
|
||
|
ABE000
|
heap
|
page read and write
|
||
|
57D6000
|
trusted library allocation
|
page read and write
|
||
|
5AFE000
|
trusted library allocation
|
page read and write
|
||
|
4E4F000
|
trusted library allocation
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4171000
|
trusted library allocation
|
page read and write
|
||
|
29E0000
|
trusted library allocation
|
page read and write
|
||
|
405000
|
remote allocation
|
page execute and read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
7330000
|
heap
|
page read and write
|
||
|
34C6000
|
trusted library allocation
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
1389000
|
stack
|
page read and write
|
||
|
319F000
|
trusted library allocation
|
page read and write
|
||
|
AD5000
|
heap
|
page read and write
|
||
|
5B50000
|
heap
|
page execute and read and write
|
||
|
1AD0000
|
heap
|
page read and write
|
||
|
2B4F000
|
trusted library allocation
|
page read and write
|
||
|
9CE000
|
heap
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
2B49000
|
trusted library allocation
|
page read and write
|
||
|
3650000
|
trusted library allocation
|
page read and write
|
||
|
70D0000
|
trusted library allocation
|
page read and write
|
||
|
3316000
|
trusted library allocation
|
page read and write
|
||
|
128A000
|
stack
|
page read and write
|
||
|
5A50000
|
trusted library allocation
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
9B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
161D000
|
heap
|
page read and write
|
||
|
70D7000
|
trusted library allocation
|
page read and write
|
||
|
6FD5000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
trusted library allocation
|
page read and write
|
||
|
33DE000
|
trusted library allocation
|
page read and write
|
||
|
322F000
|
stack
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page execute and read and write
|
||
|
57BB000
|
trusted library allocation
|
page read and write
|
||
|
52D8000
|
trusted library allocation
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
2B1D000
|
trusted library allocation
|
page read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
1807000
|
heap
|
page read and write
|
||
|
334A000
|
trusted library allocation
|
page read and write
|
||
|
708E000
|
stack
|
page read and write
|
||
|
31C4000
|
trusted library allocation
|
page read and write
|
||
|
31D9000
|
trusted library allocation
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1585000
|
heap
|
page read and write
|
||
|
427000
|
remote allocation
|
page execute and read and write
|
||
|
75A0000
|
heap
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
1422000
|
trusted library allocation
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
70C7000
|
trusted library allocation
|
page read and write
|
||
|
5D6E000
|
stack
|
page read and write
|
||
|
6D87000
|
heap
|
page read and write
|
||
|
31F6000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
40D000
|
remote allocation
|
page execute and read and write
|
||
|
2B70000
|
trusted library allocation
|
page read and write
|
||
|
696E000
|
stack
|
page read and write
|
||
|
17D4000
|
trusted library allocation
|
page read and write
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
70C0000
|
trusted library allocation
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
29FB000
|
trusted library allocation
|
page read and write
|
||
|
1428000
|
trusted library allocation
|
page read and write
|
||
|
2B34000
|
trusted library allocation
|
page read and write
|
||
|
16A8000
|
heap
|
page read and write
|
||
|
333C000
|
trusted library allocation
|
page read and write
|
||
|
6ACD000
|
stack
|
page read and write
|
||
|
594C000
|
stack
|
page read and write
|
||
|
DC2000
|
trusted library allocation
|
page read and write
|
||
|
18B0000
|
trusted library allocation
|
page read and write
|
||
|
31FC000
|
trusted library allocation
|
page read and write
|
||
|
192EA000
|
trusted library allocation
|
page read and write
|
||
|
29E4000
|
trusted library allocation
|
page read and write
|
||
|
5DA0000
|
trusted library allocation
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
3337000
|
trusted library allocation
|
page read and write
|
||
|
3367000
|
trusted library allocation
|
page read and write
|
||
|
1558000
|
heap
|
page read and write
|
||
|
57BE000
|
trusted library allocation
|
page read and write
|
||
|
692E000
|
stack
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
5C5C000
|
stack
|
page read and write
|
||
|
DB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
335A000
|
trusted library allocation
|
page read and write
|
||
|
4EF8000
|
trusted library allocation
|
page read and write
|
||
|
A83000
|
heap
|
page read and write
|
||
|
16D3000
|
heap
|
page read and write
|
||
|
5B30000
|
heap
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
5A52000
|
trusted library allocation
|
page read and write
|
||
|
3365000
|
trusted library allocation
|
page read and write
|
||
|
142D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
6BC2000
|
heap
|
page read and write
|
||
|
5A5F000
|
trusted library allocation
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
31A1000
|
trusted library allocation
|
page read and write
|
||
|
57E2000
|
trusted library allocation
|
page read and write
|
||
|
5AAC000
|
stack
|
page read and write
|
||
|
5B34000
|
heap
|
page read and write
|
||
|
4F4A000
|
trusted library allocation
|
page read and write
|
||
|
4C42000
|
trusted library allocation
|
page read and write
|
||
|
31C6000
|
trusted library allocation
|
page read and write
|
||
|
DAF000
|
stack
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
27D0000
|
trusted library allocation
|
page read and write
|
||
|
42A000
|
remote allocation
|
page execute and read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
40E000
|
remote allocation
|
page execute and read and write
|
||
|
53C000
|
stack
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
2991000
|
trusted library allocation
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
5AF4000
|
trusted library allocation
|
page read and write
|
||
|
163F000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
6F7D000
|
trusted library allocation
|
page read and write
|
||
|
31AD000
|
trusted library allocation
|
page read and write
|
||
|
18E0000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
31E7000
|
trusted library allocation
|
page read and write
|
||
|
210000
|
unkown
|
page readonly
|
||
|
31CA000
|
trusted library allocation
|
page read and write
|
||
|
54D5000
|
trusted library allocation
|
page read and write
|
||
|
4E42000
|
trusted library allocation
|
page read and write
|
||
|
5298000
|
trusted library allocation
|
page read and write
|
||
|
413000
|
remote allocation
|
page execute and read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
remote allocation
|
page execute and read and write
|
||
|
3318000
|
trusted library allocation
|
page read and write
|
||
|
41A000
|
remote allocation
|
page execute and read and write
|
||
|
4F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
4291000
|
trusted library allocation
|
page read and write
|
||
|
29E6000
|
trusted library allocation
|
page read and write
|
||
|
1812000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
4AF1000
|
trusted library allocation
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
1514000
|
heap
|
page read and write
|
||
|
429000
|
remote allocation
|
page execute and read and write
|
||
|
212000
|
unkown
|
page readonly
|
||
|
57CA000
|
trusted library allocation
|
page read and write
|
||
|
6C0E000
|
stack
|
page read and write
|
||
|
7F6C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
50CF000
|
stack
|
page read and write
|
||
|
6D20000
|
heap
|
page read and write
|
||
|
29AE000
|
trusted library allocation
|
page read and write
|
||
|
2CEE000
|
trusted library allocation
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
17FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D78000
|
trusted library allocation
|
page read and write
|
||
|
6F77000
|
trusted library allocation
|
page read and write
|
||
|
16C9000
|
heap
|
page read and write
|
||
|
57CA000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
157A000
|
heap
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
CAF000
|
stack
|
page read and write
|
||
|
1413000
|
trusted library allocation
|
page execute and read and write
|
||
|
57F6000
|
trusted library allocation
|
page read and write
|
||
|
29BD000
|
trusted library allocation
|
page read and write
|
||
|
12D5000
|
heap
|
page read and write
|
||
|
1817000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A05000
|
trusted library allocation
|
page read and write
|
||
|
57D1000
|
trusted library allocation
|
page read and write
|
||
|
57D6000
|
trusted library allocation
|
page read and write
|
||
|
2B4D000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A8F000
|
stack
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
4788000
|
trusted library allocation
|
page read and write
|
||
|
3352000
|
trusted library allocation
|
page read and write
|
||
|
2B23000
|
trusted library allocation
|
page read and write
|
||
|
2B6A000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
3359000
|
trusted library allocation
|
page read and write
|
||
|
70D0000
|
trusted library allocation
|
page read and write
|
||
|
57C2000
|
trusted library allocation
|
page read and write
|
||
|
3306000
|
trusted library allocation
|
page read and write
|
||
|
16D6000
|
heap
|
page read and write
|
||
|
57DD000
|
trusted library allocation
|
page read and write
|
||
|
31E3000
|
trusted library allocation
|
page read and write
|
||
|
417000
|
remote allocation
|
page execute and read and write
|
||
|
6F87000
|
trusted library allocation
|
page read and write
|
||
|
1820000
|
heap
|
page read and write
|
||
|
4F21000
|
trusted library allocation
|
page read and write
|
||
|
5EB0000
|
heap
|
page read and write
|
||
|
1A90000
|
trusted library allocation
|
page read and write
|
||
|
181B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E19000
|
trusted library allocation
|
page read and write
|
||
|
57CE000
|
trusted library allocation
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
54F0000
|
trusted library allocation
|
page read and write
|
||
|
2B68000
|
trusted library allocation
|
page read and write
|
||
|
4E26000
|
trusted library allocation
|
page read and write
|
||
|
4A1A000
|
trusted library allocation
|
page read and write
|
||
|
3291000
|
trusted library allocation
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
5D65000
|
trusted library allocation
|
page read and write
|
||
|
31EA000
|
trusted library allocation
|
page read and write
|
||
|
331D000
|
trusted library allocation
|
page read and write
|
||
|
177A000
|
heap
|
page read and write
|
||
|
6F70000
|
trusted library allocation
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
5AF0000
|
trusted library allocation
|
page read and write
|
||
|
411000
|
remote allocation
|
page execute and read and write
|
||
|
18DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
2B51000
|
trusted library allocation
|
page read and write
|
||
|
42B9000
|
trusted library allocation
|
page read and write
|
||
|
3333000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
remote allocation
|
page execute and read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
407000
|
remote allocation
|
page execute and read and write
|
||
|
17D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AD7000
|
heap
|
page read and write
|
||
|
29FD000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
2E39000
|
trusted library allocation
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
4E80000
|
heap
|
page execute and read and write
|
||
|
420000
|
remote allocation
|
page execute and read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
6F70000
|
trusted library allocation
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
31CF000
|
trusted library allocation
|
page read and write
|
||
|
2B45000
|
trusted library allocation
|
page read and write
|
||
|
57F4000
|
trusted library allocation
|
page read and write
|
||
|
7F0D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
57C2000
|
trusted library allocation
|
page read and write
|
||
|
29D1000
|
trusted library allocation
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
2A03000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
heap
|
page execute and read and write
|
||
|
6C17000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
29BA000
|
trusted library allocation
|
page read and write
|
||
|
5A7F000
|
trusted library allocation
|
page read and write
|
||
|
5D00000
|
trusted library allocation
|
page read and write
|
||
|
9B4000
|
trusted library allocation
|
page read and write
|
||
|
173D000
|
heap
|
page read and write
|
||
|
4E40000
|
trusted library allocation
|
page read and write
|
||
|
6F78000
|
trusted library allocation
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B58000
|
heap
|
page read and write
|
||
|
1AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E9E000
|
trusted library allocation
|
page read and write
|
||
|
4335000
|
trusted library allocation
|
page read and write
|
||
|
2B25000
|
trusted library allocation
|
page read and write
|
||
|
421000
|
remote allocation
|
page execute and read and write
|
||
|
3180000
|
heap
|
page execute and read and write
|
||
|
17F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
144A000
|
heap
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page read and write
|
||
|
5AE0000
|
heap
|
page execute and read and write
|
||
|
1741000
|
heap
|
page read and write
|
||
|
45C7000
|
trusted library allocation
|
page read and write
|
||
|
2B6C000
|
trusted library allocation
|
page read and write
|
||
|
6AAD000
|
stack
|
page read and write
|
||
|
1A92000
|
trusted library allocation
|
page read and write
|
||
|
A49000
|
heap
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
4BC5000
|
trusted library allocation
|
page read and write
|
||
|
1414000
|
trusted library allocation
|
page read and write
|
||
|
13DF000
|
stack
|
page read and write
|
||
|
31E5000
|
trusted library allocation
|
page read and write
|
||
|
27E0000
|
trusted library allocation
|
page read and write
|
||
|
5D70000
|
trusted library allocation
|
page read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
5E6E000
|
stack
|
page read and write
|
||
|
9A0000
|
trusted library allocation
|
page read and write
|
||
|
29CF000
|
trusted library allocation
|
page read and write
|
||
|
6291000
|
trusted library allocation
|
page read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
2B3E000
|
trusted library allocation
|
page read and write
|
||
|
1815000
|
trusted library allocation
|
page execute and read and write
|
||
|
17F0000
|
trusted library allocation
|
page read and write
|
||
|
31AB000
|
trusted library allocation
|
page read and write
|
||
|
6F6D000
|
trusted library allocation
|
page read and write
|
||
|
1611000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
660E000
|
stack
|
page read and write
|
||
|
75D0000
|
heap
|
page read and write
|
||
|
5D74000
|
trusted library allocation
|
page read and write
|
||
|
4E52000
|
trusted library allocation
|
page read and write
|
||
|
5AC0000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
trusted library allocation
|
page read and write
|
||
|
2B1F000
|
trusted library allocation
|
page read and write
|
||
|
416000
|
remote allocation
|
page execute and read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
5A8B000
|
trusted library allocation
|
page read and write
|
||
|
5AD0000
|
trusted library allocation
|
page read and write
|
||
|
5AAF000
|
stack
|
page read and write
|
||
|
144E000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
5D76000
|
trusted library allocation
|
page read and write
|
||
|
5D8A000
|
trusted library allocation
|
page read and write
|
||
|
DCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
ACD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
42F9000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
5B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D0E000
|
stack
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
410000
|
remote allocation
|
page execute and read and write
|
||
|
32B0000
|
heap
|
page execute and read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
remote allocation
|
page execute and read and write
|
||
|
5E9F000
|
stack
|
page read and write
|
||
|
5AF7000
|
trusted library allocation
|
page read and write
|
||
|
694E000
|
stack
|
page read and write
|
||
|
29B4000
|
trusted library allocation
|
page read and write
|
||
|
5803000
|
heap
|
page read and write
|
||
|
1A8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1711000
|
heap
|
page read and write
|
||
|
6F60000
|
trusted library allocation
|
page read and write
|
||
|
2F7C000
|
heap
|
page read and write
|
||
|
415000
|
remote allocation
|
page execute and read and write
|
||
|
332F000
|
trusted library allocation
|
page read and write
|
||
|
2B72000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
406000
|
remote allocation
|
page execute and read and write
|
||
|
5D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
143A000
|
trusted library allocation
|
page execute and read and write
|
||
|
17D2000
|
trusted library allocation
|
page read and write
|
||
|
3354000
|
trusted library allocation
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page read and write
|
||
|
3369000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
remote allocation
|
page execute and read and write
|
||
|
59A3000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
331A000
|
trusted library allocation
|
page read and write
|
||
|
2B19000
|
trusted library allocation
|
page read and write
|
||
|
1436000
|
trusted library allocation
|
page execute and read and write
|
||
|
14B6000
|
heap
|
page read and write
|
||
|
29B2000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
4741000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
17F0000
|
trusted library allocation
|
page read and write
|
||
|
31CC000
|
trusted library allocation
|
page read and write
|
||
|
31DF000
|
trusted library allocation
|
page read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
2CC5000
|
trusted library allocation
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
5D9E000
|
stack
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
6F73000
|
trusted library allocation
|
page read and write
|
||
|
31C2000
|
trusted library allocation
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
17DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
16BE000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
591E000
|
trusted library allocation
|
page read and write
|
||
|
326C000
|
stack
|
page read and write
|
||
|
AC8000
|
trusted library allocation
|
page read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
1A95000
|
trusted library allocation
|
page execute and read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
6D10000
|
heap
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
32DC000
|
trusted library allocation
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
29F9000
|
trusted library allocation
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page execute and read and write
|
||
|
42E000
|
remote allocation
|
page execute and read and write
|
||
|
29CD000
|
trusted library allocation
|
page read and write
|
||
|
707E000
|
stack
|
page read and write
|
||
|
5B40000
|
trusted library allocation
|
page read and write
|
||
|
6DEE000
|
stack
|
page read and write
|
||
|
331C000
|
trusted library allocation
|
page read and write
|
||
|
2F79000
|
heap
|
page read and write
|
||
|
57BB000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
4F35000
|
trusted library allocation
|
page read and write
|
||
|
6BFB000
|
heap
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
3329000
|
trusted library allocation
|
page read and write
|
||
|
34EF000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
remote allocation
|
page execute and read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
31AF000
|
trusted library allocation
|
page read and write
|
||
|
47F1000
|
trusted library allocation
|
page read and write
|
||
|
17ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
29C9000
|
trusted library allocation
|
page read and write
|
||
|
29EA000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
trusted library section
|
page read and write
|
||
|
5C30000
|
trusted library allocation
|
page read and write
|
||
|
46BE000
|
trusted library allocation
|
page read and write
|
||
|
5B30000
|
heap
|
page read and write
|
||
|
57BE000
|
trusted library allocation
|
page read and write
|
||
|
DDC000
|
stack
|
page read and write
|
||
|
1A82000
|
trusted library allocation
|
page read and write
|
||
|
57B6000
|
trusted library allocation
|
page read and write
|
||
|
320D000
|
trusted library allocation
|
page read and write
|
||
|
2B17000
|
trusted library allocation
|
page read and write
|
||
|
7291000
|
trusted library allocation
|
page read and write
|
||
|
42B000
|
remote allocation
|
page execute and read and write
|
||
|
6E5E000
|
stack
|
page read and write
|
||
|
2B1B000
|
trusted library allocation
|
page read and write
|
||
|
334C000
|
trusted library allocation
|
page read and write
|
||
|
1A97000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F80000
|
trusted library allocation
|
page read and write
|
||
|
5342000
|
heap
|
page read and write
|
||
|
4F30000
|
trusted library section
|
page read and write
|
||
|
5A74000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
536C000
|
stack
|
page read and write
|
||
|
57F0000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
6D52000
|
heap
|
page read and write
|
||
|
1565000
|
heap
|
page read and write
|
||
|
4E4E000
|
trusted library allocation
|
page read and write
|
||
|
57DD000
|
trusted library allocation
|
page read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
109A000
|
stack
|
page read and write
|
||
|
173F000
|
heap
|
page read and write
|
||
|
18C0000
|
trusted library allocation
|
page read and write
|
||
|
54C5000
|
trusted library allocation
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
291D000
|
stack
|
page read and write
|
||
|
5FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1199000
|
stack
|
page read and write
|
||
|
1A86000
|
trusted library allocation
|
page execute and read and write
|
||
|
F0C000
|
stack
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
2B5A000
|
trusted library allocation
|
page read and write
|
||
|
57E2000
|
trusted library allocation
|
page read and write
|
||
|
330F000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
31DD000
|
trusted library allocation
|
page read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
3171000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F68000
|
trusted library allocation
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page execute and read and write
|
||
|
31EC000
|
trusted library allocation
|
page read and write
|
||
|
571E000
|
stack
|
page read and write
|
||
|
439E000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
remote allocation
|
page execute and read and write
|
||
|
70E0000
|
trusted library allocation
|
page read and write
|
||
|
54D6000
|
trusted library allocation
|
page read and write
|
||
|
682D000
|
stack
|
page read and write
|
||
|
7340000
|
heap
|
page read and write
|
||
|
A02000
|
heap
|
page read and write
|
||
|
2B3C000
|
trusted library allocation
|
page read and write
|
||
|
174B000
|
heap
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
5A62000
|
trusted library allocation
|
page read and write
|
||
|
31F8000
|
trusted library allocation
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
42D000
|
remote allocation
|
page execute and read and write
|
||
|
5A58000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page execute and read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
6FCD000
|
stack
|
page read and write
|
||
|
31FE000
|
trusted library allocation
|
page read and write
|
||
|
3339000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
4E3F000
|
stack
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
17DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A6E000
|
stack
|
page read and write
|
||
|
31C8000
|
trusted library allocation
|
page read and write
|
||
|
57B6000
|
trusted library allocation
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
5BEB000
|
stack
|
page read and write
|
||
|
3335000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
357C000
|
trusted library allocation
|
page read and write
|
||
|
AB8000
|
heap
|
page read and write
|
||
|
6BB0000
|
heap
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
14BF000
|
heap
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FBD000
|
stack
|
page read and write
|
||
|
18CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
42F5000
|
trusted library allocation
|
page read and write
|
||
|
5C32000
|
trusted library allocation
|
page read and write
|
||
|
2F77000
|
heap
|
page read and write
|
||
|
4EE4000
|
trusted library allocation
|
page read and write
|
||
|
1AB0000
|
trusted library allocation
|
page read and write
|
||
|
5D80000
|
trusted library allocation
|
page read and write
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
360A000
|
trusted library allocation
|
page read and write
|
||
|
4E48000
|
trusted library allocation
|
page read and write
|
||
|
1A9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1587000
|
heap
|
page read and write
|
There are 626 hidden memdumps, click here to show them.