Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 05-27-2024_xlsx.scr.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp6CFF.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\QXnCjDPniyIC.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\QXnCjDPniyIC.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 05-27-2024_xlsx.scr.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_14rlrsxi.hcf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1et2pkng.o1e.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bg5qe0yc.gnx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bukwfdqq.3hn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eneqefyk.pst.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fsmnhdui.zcc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_npqr5y53.ggi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rycugijx.alg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp9279.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\QXnCjDPniyIC.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 05-27-2024_xlsx.scr.exe
|
"C:\Users\user\Desktop\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 05-27-2024_xlsx.scr.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\TEKL#U0130F
TALEP VE F#U0130YAT TEKL#U0130F#U0130 05-27-2024_xlsx.scr.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\QXnCjDPniyIC.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\QXnCjDPniyIC" /XML "C:\Users\user\AppData\Local\Temp\tmp6CFF.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\QXnCjDPniyIC.exe
|
C:\Users\user\AppData\Roaming\QXnCjDPniyIC.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\QXnCjDPniyIC" /XML "C:\Users\user\AppData\Local\Temp\tmp9279.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0#
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://cp8nl.hyperhost.ua
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cp8nl.hyperhost.ua
|
185.174.175.187
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.174.175.187
|
cp8nl.hyperhost.ua
|
Ukraine
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A6E000
|
trusted library allocation
|
page read and write
|
|
|
|
4564000
|
trusted library allocation
|
page read and write
|
|
|
|
2A57000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3191000
|
trusted library allocation
|
page read and write
|
|
|
|
2A99000
|
trusted library allocation
|
page read and write
|
|
|
|
4ADB000
|
trusted library allocation
|
page read and write
|
|
|
|
31DE000
|
trusted library allocation
|
page read and write
|
|
|
|
3209000
|
trusted library allocation
|
page read and write
|
|
|
|
936E000
|
heap
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
DCEE000
|
stack
|
page read and write
|
||
|
5B0F000
|
stack
|
page read and write
|
||
|
9940000
|
heap
|
page read and write
|
||
|
55FC000
|
stack
|
page read and write
|
||
|
45A9000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
3290000
|
trusted library section
|
page readonly
|
||
|
5CD6000
|
trusted library allocation
|
page read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
4191000
|
trusted library allocation
|
page read and write
|
||
|
8040000
|
heap
|
page execute and read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
17DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C64000
|
heap
|
page read and write
|
||
|
2EDD000
|
trusted library allocation
|
page read and write
|
||
|
5CF0000
|
trusted library allocation
|
page read and write
|
||
|
56FD000
|
trusted library allocation
|
page read and write
|
||
|
D9BF000
|
heap
|
page read and write
|
||
|
6710000
|
trusted library allocation
|
page read and write
|
||
|
3A0B000
|
trusted library allocation
|
page read and write
|
||
|
5161000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
2AA9000
|
trusted library allocation
|
page read and write
|
||
|
2AA1000
|
trusted library allocation
|
page read and write
|
||
|
33D0000
|
trusted library allocation
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
17B4000
|
trusted library allocation
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
578C000
|
stack
|
page read and write
|
||
|
F34000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
D76E000
|
stack
|
page read and write
|
||
|
5D50000
|
trusted library allocation
|
page read and write
|
||
|
AF80000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
5702000
|
trusted library allocation
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
9940000
|
trusted library section
|
page read and write
|
||
|
4F71000
|
trusted library allocation
|
page read and write
|
||
|
5069000
|
trusted library allocation
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
1870000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A53000
|
heap
|
page read and write
|
||
|
4DF3000
|
trusted library allocation
|
page read and write
|
||
|
4F5E000
|
trusted library allocation
|
page read and write
|
||
|
7C30000
|
heap
|
page read and write
|
||
|
77A1000
|
trusted library allocation
|
page read and write
|
||
|
16BF000
|
stack
|
page read and write
|
||
|
38DB000
|
trusted library allocation
|
page read and write
|
||
|
3A49000
|
trusted library allocation
|
page read and write
|
||
|
13DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1868000
|
heap
|
page read and write
|
||
|
35E4000
|
trusted library allocation
|
page read and write
|
||
|
6530000
|
heap
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
5E4C000
|
heap
|
page read and write
|
||
|
14E5000
|
heap
|
page read and write
|
||
|
4F54000
|
trusted library allocation
|
page read and write
|
||
|
80A000
|
stack
|
page read and write
|
||
|
5CF6000
|
trusted library allocation
|
page read and write
|
||
|
13BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
17B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
E3A000
|
heap
|
page read and write
|
||
|
6534000
|
heap
|
page read and write
|
||
|
4EDE000
|
trusted library allocation
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
DBEE000
|
stack
|
page read and write
|
||
|
38D3000
|
trusted library allocation
|
page read and write
|
||
|
4F6A000
|
trusted library allocation
|
page read and write
|
||
|
366F000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
2A2C000
|
trusted library allocation
|
page read and write
|
||
|
77C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F3E000
|
stack
|
page read and write
|
||
|
66BF000
|
stack
|
page read and write
|
||
|
4FEC000
|
trusted library allocation
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
7BDE000
|
stack
|
page read and write
|
||
|
38ED000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
heap
|
page read and write
|
||
|
50CC000
|
stack
|
page read and write
|
||
|
45A5000
|
trusted library allocation
|
page read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
29E0000
|
trusted library allocation
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
38FF000
|
trusted library allocation
|
page read and write
|
||
|
7CD000
|
stack
|
page read and write
|
||
|
14F7000
|
stack
|
page read and write
|
||
|
EE4000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
7110000
|
heap
|
page read and write
|
||
|
1A72000
|
trusted library allocation
|
page read and write
|
||
|
13C2000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
29D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F680000
|
trusted library allocation
|
page execute and read and write
|
||
|
F3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E8A000
|
trusted library allocation
|
page read and write
|
||
|
4F43000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
77AD000
|
trusted library allocation
|
page read and write
|
||
|
2A04000
|
trusted library allocation
|
page read and write
|
||
|
DBAE000
|
stack
|
page read and write
|
||
|
90F000
|
unkown
|
page read and write
|
||
|
D9A2000
|
heap
|
page read and write
|
||
|
3A88000
|
trusted library allocation
|
page read and write
|
||
|
38E3000
|
trusted library allocation
|
page read and write
|
||
|
7E40000
|
trusted library allocation
|
page read and write
|
||
|
179F000
|
stack
|
page read and write
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
6C2E000
|
stack
|
page read and write
|
||
|
32E0000
|
trusted library allocation
|
page read and write
|
||
|
658A000
|
heap
|
page read and write
|
||
|
10D1000
|
heap
|
page read and write
|
||
|
31F9000
|
trusted library allocation
|
page read and write
|
||
|
5CCE000
|
stack
|
page read and write
|
||
|
E47000
|
heap
|
page read and write
|
||
|
5D4D000
|
stack
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
D870000
|
heap
|
page read and write
|
||
|
41F9000
|
trusted library allocation
|
page read and write
|
||
|
1695000
|
heap
|
page read and write
|
||
|
17D2000
|
trusted library allocation
|
page read and write
|
||
|
66B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
59CC000
|
stack
|
page read and write
|
||
|
79BE000
|
stack
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
6BEE000
|
stack
|
page read and write
|
||
|
739E000
|
stack
|
page read and write
|
||
|
D66E000
|
stack
|
page read and write
|
||
|
9E0000
|
unkown
|
page execute and read and write
|
||
|
4A28000
|
trusted library allocation
|
page read and write
|
||
|
33B6000
|
trusted library allocation
|
page read and write
|
||
|
2A21000
|
trusted library allocation
|
page read and write
|
||
|
6DCE000
|
stack
|
page read and write
|
||
|
6ECF000
|
stack
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
1402000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page execute and read and write
|
||
|
AB9000
|
unkown
|
page execute and read and write
|
||
|
5D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E1000
|
heap
|
page read and write
|
||
|
4F7D000
|
trusted library allocation
|
page read and write
|
||
|
F62000
|
trusted library allocation
|
page read and write
|
||
|
5798000
|
trusted library allocation
|
page read and write
|
||
|
7E00000
|
heap
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
328B000
|
stack
|
page read and write
|
||
|
74F000
|
stack
|
page read and write
|
||
|
38EF000
|
trusted library allocation
|
page read and write
|
||
|
4A9D000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page execute and read and write
|
||
|
56E2000
|
trusted library allocation
|
page read and write
|
||
|
38F1000
|
trusted library allocation
|
page read and write
|
||
|
DF5E000
|
stack
|
page read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
1850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FAD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7960000
|
trusted library allocation
|
page execute and read and write
|
||
|
642F000
|
stack
|
page read and write
|
||
|
1897000
|
heap
|
page read and write
|
||
|
13A4000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
5CD0000
|
trusted library allocation
|
page read and write
|
||
|
B4A000
|
stack
|
page read and write
|
||
|
38FD000
|
trusted library allocation
|
page read and write
|
||
|
3A21000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
2A87000
|
trusted library allocation
|
page read and write
|
||
|
13CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
56D6000
|
trusted library allocation
|
page read and write
|
||
|
138E000
|
stack
|
page read and write
|
||
|
38E1000
|
trusted library allocation
|
page read and write
|
||
|
1860000
|
trusted library allocation
|
page read and write
|
||
|
108D000
|
stack
|
page read and write
|
||
|
17EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
38D7000
|
trusted library allocation
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
5A50000
|
heap
|
page read and write
|
||
|
13A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
9950000
|
trusted library allocation
|
page read and write
|
||
|
F33000
|
trusted library allocation
|
page execute and read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
6F0E000
|
stack
|
page read and write
|
||
|
2A95000
|
trusted library allocation
|
page read and write
|
||
|
14D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C6B000
|
heap
|
page read and write
|
||
|
4F6E000
|
trusted library allocation
|
page read and write
|
||
|
329F000
|
trusted library section
|
page readonly
|
||
|
7C1E000
|
stack
|
page read and write
|
||
|
EFA000
|
heap
|
page read and write
|
||
|
2A6C000
|
trusted library allocation
|
page read and write
|
||
|
D970000
|
heap
|
page read and write
|
||
|
477E000
|
trusted library allocation
|
page read and write
|
||
|
700F000
|
stack
|
page read and write
|
||
|
4E00000
|
trusted library section
|
page readonly
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
51CC000
|
stack
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
1860000
|
heap
|
page read and write
|
||
|
DAAD000
|
stack
|
page read and write
|
||
|
38F5000
|
trusted library allocation
|
page read and write
|
||
|
2A4C000
|
trusted library allocation
|
page read and write
|
||
|
38DD000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
9D9E000
|
stack
|
page read and write
|
||
|
14CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
6E60000
|
heap
|
page read and write
|
||
|
66FE000
|
stack
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
50B000
|
heap
|
page read and write
|
||
|
79FE000
|
stack
|
page read and write
|
||
|
F5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
57C0000
|
heap
|
page execute and read and write
|
||
|
7181000
|
heap
|
page read and write
|
||
|
9A7E000
|
stack
|
page read and write
|
||
|
30CC000
|
stack
|
page read and write
|
||
|
5DF0000
|
heap
|
page read and write
|
||
|
704D000
|
stack
|
page read and write
|
||
|
17A0000
|
trusted library allocation
|
page read and write
|
||
|
5CE0000
|
trusted library allocation
|
page read and write
|
||
|
787C000
|
stack
|
page read and write
|
||
|
7F810000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
5DEF000
|
stack
|
page read and write
|
||
|
D975000
|
heap
|
page read and write
|
||
|
6880000
|
heap
|
page read and write
|
||
|
14DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
8030000
|
trusted library allocation
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
17C0000
|
trusted library allocation
|
page read and write
|
||
|
5F2E000
|
stack
|
page read and write
|
||
|
149D000
|
trusted library allocation
|
page execute and read and write
|
||
|
612D000
|
stack
|
page read and write
|
||
|
13C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4645000
|
trusted library allocation
|
page read and write
|
||
|
5CD2000
|
trusted library allocation
|
page read and write
|
||
|
1A5E000
|
stack
|
page read and write
|
||
|
38CA000
|
trusted library allocation
|
page read and write
|
||
|
2EE8000
|
trusted library allocation
|
page read and write
|
||
|
778B000
|
trusted library allocation
|
page read and write
|
||
|
99B6000
|
trusted library allocation
|
page read and write
|
||
|
5D77000
|
trusted library allocation
|
page read and write
|
||
|
18F1000
|
heap
|
page read and write
|
||
|
54F8000
|
trusted library allocation
|
page read and write
|
||
|
4DE000
|
unkown
|
page read and write
|
||
|
8285000
|
heap
|
page read and write
|
||
|
56EA000
|
trusted library allocation
|
page read and write
|
||
|
115A000
|
stack
|
page read and write
|
||
|
5A3E000
|
stack
|
page read and write
|
||
|
49E000
|
unkown
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
99D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
38D1000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
14C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BFE000
|
stack
|
page read and write
|
||
|
1800000
|
trusted library allocation
|
page read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
298E000
|
stack
|
page read and write
|
||
|
56F1000
|
trusted library allocation
|
page read and write
|
||
|
7AFE000
|
stack
|
page read and write
|
||
|
9B80000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
5D4D000
|
stack
|
page read and write
|
||
|
1407000
|
heap
|
page read and write
|
||
|
7850000
|
heap
|
page execute and read and write
|
||
|
1EA000
|
stack
|
page read and write
|
||
|
5D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
9E1D000
|
stack
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
53BE000
|
stack
|
page read and write
|
||
|
56CF000
|
stack
|
page read and write
|
||
|
2A06000
|
trusted library allocation
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
56DB000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
51DD000
|
trusted library allocation
|
page read and write
|
||
|
9E2000
|
unkown
|
page readonly
|
||
|
5E30000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
E7A000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
41B9000
|
trusted library allocation
|
page read and write
|
||
|
9B90000
|
trusted library allocation
|
page read and write
|
||
|
56EE000
|
trusted library allocation
|
page read and write
|
||
|
2DA1000
|
trusted library allocation
|
page read and write
|
||
|
9E2000
|
unkown
|
page execute and read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
81EE000
|
stack
|
page read and write
|
||
|
7C20000
|
heap
|
page read and write
|
||
|
38EB000
|
trusted library allocation
|
page read and write
|
||
|
6D3E000
|
stack
|
page read and write
|
||
|
5C8E000
|
stack
|
page read and write
|
||
|
38F3000
|
trusted library allocation
|
page read and write
|
||
|
5D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
14AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3230000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
109E000
|
heap
|
page read and write
|
||
|
2A89000
|
trusted library allocation
|
page read and write
|
||
|
186E000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
E1DE000
|
stack
|
page read and write
|
||
|
749E000
|
stack
|
page read and write
|
||
|
4F5B000
|
trusted library allocation
|
page read and write
|
||
|
1006000
|
heap
|
page read and write
|
||
|
77D0000
|
trusted library allocation
|
page read and write
|
||
|
3DA1000
|
trusted library allocation
|
page read and write
|
||
|
13AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
31E6000
|
trusted library allocation
|
page read and write
|
||
|
99B0000
|
trusted library allocation
|
page read and write
|
||
|
4525000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
8290000
|
heap
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
9562000
|
trusted library allocation
|
page read and write
|
||
|
8070000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E30000
|
heap
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
5B4E000
|
stack
|
page read and write
|
||
|
DE5E000
|
stack
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
531F000
|
stack
|
page read and write
|
||
|
5CE0000
|
heap
|
page read and write
|
||
|
9960000
|
trusted library allocation
|
page read and write
|
||
|
7C25000
|
heap
|
page read and write
|
||
|
5CDC000
|
trusted library allocation
|
page read and write
|
||
|
38E7000
|
trusted library allocation
|
page read and write
|
||
|
F4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F62000
|
trusted library allocation
|
page read and write
|
||
|
E09C000
|
stack
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
38E9000
|
trusted library allocation
|
page read and write
|
||
|
7950000
|
trusted library section
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
1A60000
|
trusted library allocation
|
page read and write
|
||
|
E4A000
|
heap
|
page read and write
|
||
|
9DDE000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
14C2000
|
trusted library allocation
|
page read and write
|
||
|
4D09000
|
trusted library allocation
|
page read and write
|
||
|
10C4000
|
heap
|
page read and write
|
||
|
652E000
|
stack
|
page read and write
|
||
|
5BAF000
|
stack
|
page read and write
|
||
|
334B000
|
stack
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
9BD0000
|
trusted library allocation
|
page read and write
|
||
|
29CC000
|
stack
|
page read and write
|
||
|
715B000
|
heap
|
page read and write
|
||
|
5E63000
|
heap
|
page read and write
|
||
|
7BB0000
|
trusted library allocation
|
page read and write
|
||
|
50E5000
|
trusted library allocation
|
page read and write
|
||
|
D9A0000
|
heap
|
page read and write
|
||
|
339B000
|
trusted library allocation
|
page read and write
|
||
|
7820000
|
trusted library allocation
|
page read and write
|
||
|
6BA0000
|
trusted library allocation
|
page read and write
|
||
|
6700000
|
trusted library allocation
|
page read and write
|
||
|
184E000
|
stack
|
page read and write
|
||
|
5D70000
|
trusted library allocation
|
page read and write
|
||
|
4693000
|
trusted library allocation
|
page read and write
|
||
|
9CA0000
|
trusted library section
|
page read and write
|
||
|
777C000
|
stack
|
page read and write
|
||
|
3300000
|
heap
|
page execute and read and write
|
||
|
5D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
32D4000
|
trusted library allocation
|
page read and write
|
||
|
2A10000
|
heap
|
page execute and read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
13FE000
|
heap
|
page read and write
|
||
|
7250000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
14D2000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
38D5000
|
trusted library allocation
|
page read and write
|
||
|
18A4000
|
heap
|
page read and write
|
||
|
38FB000
|
trusted library allocation
|
page read and write
|
||
|
338E000
|
stack
|
page read and write
|
||
|
79E0000
|
heap
|
page read and write
|
||
|
E44000
|
heap
|
page read and write
|
||
|
32F5000
|
trusted library allocation
|
page read and write
|
||
|
6532000
|
heap
|
page read and write
|
||
|
528D000
|
stack
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
7F940000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
4F56000
|
trusted library allocation
|
page read and write
|
||
|
45F7000
|
trusted library allocation
|
page read and write
|
||
|
3205000
|
trusted library allocation
|
page read and write
|
||
|
31F7000
|
trusted library allocation
|
page read and write
|
||
|
779E000
|
trusted library allocation
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
5CD0000
|
trusted library allocation
|
page read and write
|
||
|
9D5E000
|
stack
|
page read and write
|
||
|
F56000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AD000
|
stack
|
page read and write
|
||
|
3501000
|
trusted library allocation
|
page read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
4501000
|
trusted library allocation
|
page read and write
|
||
|
D985000
|
heap
|
page read and write
|
||
|
17BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
53F3000
|
heap
|
page read and write
|
||
|
AA4000
|
unkown
|
page execute and read and write
|
||
|
3673000
|
trusted library allocation
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
6E3E000
|
stack
|
page read and write
|
||
|
3154000
|
trusted library allocation
|
page read and write
|
||
|
17E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A87000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
7E42000
|
trusted library allocation
|
page read and write
|
||
|
38DF000
|
trusted library allocation
|
page read and write
|
||
|
82A0000
|
heap
|
page read and write
|
||
|
13BB000
|
heap
|
page read and write
|
||
|
38D9000
|
trusted library allocation
|
page read and write
|
||
|
17D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
38F7000
|
trusted library allocation
|
page read and write
|
||
|
4DFB000
|
stack
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
316D000
|
trusted library allocation
|
page read and write
|
||
|
F67000
|
trusted library allocation
|
page execute and read and write
|
||
|
78BD000
|
stack
|
page read and write
|
||
|
4BBE000
|
stack
|
page read and write
|
||
|
56D4000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
299E000
|
stack
|
page read and write
|
||
|
13D2000
|
trusted library allocation
|
page read and write
|
||
|
38CF000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
D56E000
|
stack
|
page read and write
|
||
|
6540000
|
heap
|
page read and write
|
||
|
652C000
|
stack
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
4F82000
|
trusted library allocation
|
page read and write
|
||
|
32D6000
|
trusted library allocation
|
page read and write
|
||
|
14D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
1493000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A70000
|
trusted library allocation
|
page read and write
|
||
|
70E000
|
stack
|
page read and write
|
||
|
9360000
|
heap
|
page read and write
|
||
|
31DC000
|
trusted library allocation
|
page read and write
|
||
|
4F10000
|
heap
|
page execute and read and write
|
||
|
74DD000
|
stack
|
page read and write
|
||
|
7E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E78000
|
heap
|
page read and write
|
||
|
5A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
5743000
|
heap
|
page read and write
|
||
|
4D05000
|
trusted library allocation
|
page read and write
|
||
|
D86D000
|
stack
|
page read and write
|
||
|
E58000
|
heap
|
page read and write
|
||
|
17E2000
|
trusted library allocation
|
page read and write
|
||
|
56DE000
|
trusted library allocation
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
5CDC000
|
trusted library allocation
|
page read and write
|
||
|
7830000
|
trusted library section
|
page read and write
|
||
|
DF9C000
|
stack
|
page read and write
|
||
|
13D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
52BE000
|
stack
|
page read and write
|
||
|
1954000
|
heap
|
page read and write
|
||
|
6420000
|
trusted library allocation
|
page read and write
|
||
|
EB2000
|
heap
|
page read and write
|
||
|
F65000
|
trusted library allocation
|
page execute and read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page execute and read and write
|
||
|
54F0000
|
trusted library allocation
|
page read and write
|
||
|
3140000
|
trusted library allocation
|
page read and write
|
||
|
642E000
|
stack
|
page read and write
|
||
|
33B1000
|
trusted library allocation
|
page read and write
|
||
|
5E68000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
2C2C000
|
stack
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
1098000
|
heap
|
page read and write
|
||
|
8BE000
|
unkown
|
page read and write
|
||
|
F89000
|
stack
|
page read and write
|
||
|
E18000
|
heap
|
page read and write
|
||
|
5CF6000
|
trusted library allocation
|
page read and write
|
||
|
714D000
|
stack
|
page read and write
|
||
|
F6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7810000
|
heap
|
page read and write
|
||
|
1353000
|
heap
|
page read and write
|
||
|
5C4E000
|
stack
|
page read and write
|
||
|
F52000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
E89000
|
heap
|
page read and write
|
||
|
17CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
D978000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
75DF000
|
stack
|
page read and write
|
||
|
1356000
|
heap
|
page read and write
|
||
|
4F65000
|
trusted library allocation
|
page read and write
|
||
|
5CE4000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
1494000
|
trusted library allocation
|
page read and write
|
||
|
4F3C000
|
stack
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
56F6000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
2F4A000
|
trusted library allocation
|
page read and write
|
||
|
7DA000
|
stack
|
page read and write
|
||
|
33BD000
|
trusted library allocation
|
page read and write
|
||
|
5CF0000
|
trusted library allocation
|
page read and write
|
||
|
4F76000
|
trusted library allocation
|
page read and write
|
||
|
38F9000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
99A0000
|
trusted library allocation
|
page read and write
|
||
|
5CF9000
|
trusted library allocation
|
page read and write
|
||
|
53C5000
|
trusted library allocation
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
8280000
|
heap
|
page read and write
|
||
|
5F77000
|
trusted library allocation
|
page read and write
|
||
|
5F70000
|
trusted library allocation
|
page read and write
|
||
|
E0DE000
|
stack
|
page read and write
|
||
|
33AE000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
9B7E000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
7150000
|
heap
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
38E5000
|
trusted library allocation
|
page read and write
|
||
|
77A6000
|
trusted library allocation
|
page read and write
|
||
|
7822000
|
trusted library allocation
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
3219000
|
trusted library allocation
|
page read and write
|
||
|
1A80000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
7C40000
|
heap
|
page read and write
|
There are 569 hidden memdumps, click here to show them.