Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
U5FHkrCwJN.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\U5FHkrCwJN.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\U5FHkrCwJN.exe
|
"C:\Users\user\Desktop\U5FHkrCwJN.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2948 -s 80
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
|
||
|
https://www.sysinternals.com0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
198.42.118.111
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
198.42.118.111
|
doddyfire.linkpc.net
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2E61000
|
trusted library allocation
|
page read and write
|
|
|
|
1109000
|
heap
|
page read and write
|
||
|
5970000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
10E7000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
115E000
|
heap
|
page read and write
|
||
|
1178000
|
heap
|
page read and write
|
||
|
DDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
1163000
|
heap
|
page read and write
|
||
|
3DD1000
|
trusted library allocation
|
page read and write
|
||
|
F34000
|
stack
|
page read and write
|
||
|
1178000
|
heap
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
1158000
|
heap
|
page read and write
|
||
|
114A000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
1109000
|
heap
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
2E01000
|
trusted library allocation
|
page read and write
|
||
|
117B000
|
heap
|
page read and write
|
||
|
CBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5365000
|
heap
|
page read and write
|
||
|
10FD000
|
heap
|
page read and write
|
||
|
526F000
|
stack
|
page read and write
|
||
|
FE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B8000
|
trusted library allocation
|
page read and write
|
||
|
115D000
|
heap
|
page read and write
|
||
|
122E000
|
heap
|
page read and write
|
||
|
111C000
|
heap
|
page read and write
|
||
|
11D000
|
stack
|
page read and write
|
||
|
8B4F000
|
stack
|
page read and write
|
||
|
15CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
67AE000
|
stack
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
5671000
|
heap
|
page read and write
|
||
|
3391000
|
trusted library allocation
|
page read and write
|
||
|
552D000
|
stack
|
page read and write
|
||
|
2E5E000
|
trusted library allocation
|
page read and write
|
||
|
3398000
|
trusted library allocation
|
page read and write
|
||
|
E32000
|
heap
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
1146000
|
heap
|
page read and write
|
||
|
F7F000
|
stack
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
71E2000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
100B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1152000
|
heap
|
page read and write
|
||
|
10FD000
|
heap
|
page read and write
|
||
|
FFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE2000
|
trusted library allocation
|
page read and write
|
||
|
1164000
|
heap
|
page read and write
|
||
|
56CA000
|
heap
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
56BF000
|
heap
|
page read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
111C000
|
heap
|
page read and write
|
||
|
163E000
|
stack
|
page read and write
|
||
|
1148000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
DD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1162000
|
heap
|
page read and write
|
||
|
C92000
|
trusted library allocation
|
page execute and read and write
|
||
|
116F000
|
heap
|
page read and write
|
||
|
1179000
|
heap
|
page read and write
|
||
|
113F000
|
heap
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
4F4C000
|
stack
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
56BF000
|
heap
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
4FD000
|
stack
|
page read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
3E01000
|
trusted library allocation
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
10FD000
|
heap
|
page read and write
|
||
|
1158000
|
heap
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
1007000
|
trusted library allocation
|
page execute and read and write
|
||
|
1299000
|
heap
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
56B5000
|
heap
|
page read and write
|
||
|
14A6000
|
heap
|
page read and write
|
||
|
6AEE000
|
heap
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1172000
|
heap
|
page read and write
|
||
|
8CCC000
|
stack
|
page read and write
|
||
|
2E54000
|
trusted library allocation
|
page read and write
|
||
|
4EAC000
|
stack
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
142E000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
5160000
|
heap
|
page read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
1710000
|
heap
|
page execute and read and write
|
||
|
10FA000
|
heap
|
page read and write
|
||
|
8B8E000
|
stack
|
page read and write
|
||
|
1164000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
5671000
|
heap
|
page read and write
|
||
|
5090000
|
unclassified section
|
page read and write
|
||
|
5994000
|
heap
|
page read and write
|
||
|
DDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
56BF000
|
heap
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
8E1E000
|
stack
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
6AE0000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
1295000
|
heap
|
page read and write
|
||
|
6630000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
113C000
|
heap
|
page read and write
|
||
|
DE9000
|
heap
|
page read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
2FBF000
|
stack
|
page read and write
|
||
|
DEE000
|
heap
|
page read and write
|
||
|
1164000
|
heap
|
page read and write
|
||
|
533C000
|
stack
|
page read and write
|
||
|
1101000
|
heap
|
page read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
116E000
|
heap
|
page read and write
|
||
|
111F000
|
heap
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
2E9B000
|
trusted library allocation
|
page read and write
|
||
|
10BB000
|
heap
|
page read and write
|
||
|
530C000
|
stack
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
68FE000
|
stack
|
page read and write
|
||
|
15CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
1162000
|
heap
|
page read and write
|
||
|
C92000
|
unkown
|
page readonly
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
1148000
|
heap
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
56CA000
|
heap
|
page read and write
|
||
|
15F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
111E000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
5960000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page execute and read and write
|
||
|
1143000
|
heap
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
10FF000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
115D000
|
heap
|
page read and write
|
||
|
557F000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
E5F000
|
heap
|
page read and write
|
||
|
58FD000
|
stack
|
page read and write
|
||
|
1149000
|
heap
|
page read and write
|
||
|
116C000
|
heap
|
page read and write
|
||
|
1164000
|
heap
|
page read and write
|
||
|
E46000
|
heap
|
page read and write
|
||
|
1175000
|
heap
|
page read and write
|
||
|
B66000
|
stack
|
page read and write
|
||
|
1175000
|
heap
|
page read and write
|
||
|
CB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
57E0000
|
trusted library section
|
page readonly
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
115A000
|
heap
|
page read and write
|
||
|
1178000
|
heap
|
page read and write
|
||
|
119F000
|
heap
|
page read and write
|
||
|
116D000
|
heap
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
E2D000
|
heap
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
1178000
|
heap
|
page read and write
|
||
|
A6A000
|
stack
|
page read and write
|
||
|
152C000
|
stack
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
10F6000
|
heap
|
page read and write
|
||
|
15F2000
|
trusted library allocation
|
page read and write
|
||
|
1157000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
769000
|
stack
|
page read and write
|
||
|
2E78000
|
trusted library allocation
|
page read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
5023000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
56C7000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page read and write
|
||
|
1171000
|
heap
|
page read and write
|
||
|
4301000
|
trusted library allocation
|
page read and write
|
||
|
1217000
|
heap
|
page read and write
|
||
|
11AD000
|
heap
|
page read and write
|
||
|
15C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
12FF000
|
heap
|
page read and write
|
||
|
8C8E000
|
stack
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
E1E000
|
heap
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
7F4D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
5423000
|
heap
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
10FF000
|
heap
|
page read and write
|
||
|
10E6000
|
heap
|
page read and write
|
||
|
12AC000
|
heap
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
7F90000
|
heap
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
5955000
|
heap
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
5610000
|
heap
|
page read and write
|
||
|
10F7000
|
heap
|
page read and write
|
||
|
56C6000
|
heap
|
page read and write
|
||
|
DD2000
|
trusted library allocation
|
page read and write
|
||
|
4F8C000
|
stack
|
page read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library section
|
page readonly
|
||
|
1138000
|
heap
|
page read and write
|
||
|
571E000
|
stack
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
11EE000
|
unkown
|
page read and write
|
||
|
119D000
|
heap
|
page read and write
|
||
|
113F000
|
heap
|
page read and write
|
||
|
125F000
|
heap
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
10F6000
|
heap
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
115C000
|
heap
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
543E000
|
stack
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
70DE000
|
stack
|
page read and write
|
||
|
10E9000
|
heap
|
page read and write
|
||
|
1179000
|
heap
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
1141000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
10F6000
|
heap
|
page read and write
|
||
|
2EBE000
|
trusted library allocation
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
C90000
|
unkown
|
page readonly
|
||
|
1178000
|
heap
|
page read and write
|
||
|
6730000
|
trusted library allocation
|
page read and write
|
||
|
6BE0000
|
trusted library section
|
page read and write
|
||
|
DD2000
|
trusted library allocation
|
page execute and read and write
|
||
|
115C000
|
heap
|
page read and write
|
||
|
10F6000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
114B000
|
heap
|
page read and write
|
||
|
512E000
|
stack
|
page read and write
|
||
|
69FF000
|
stack
|
page read and write
|
||
|
E8E000
|
heap
|
page read and write
|
||
|
1162000
|
heap
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
57DB000
|
stack
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
113F000
|
heap
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
1155000
|
heap
|
page read and write
|
||
|
56C2000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
8F1E000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page execute and read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
1144000
|
heap
|
page read and write
|
||
|
10FA000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
FEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1148000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
1173000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
2DD1000
|
trusted library allocation
|
page read and write
|
||
|
1309000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
4EFE000
|
stack
|
page read and write
|
||
|
56C8000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
6F5E000
|
stack
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
1158000
|
heap
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
12EE000
|
unkown
|
page read and write
|
||
|
5920000
|
heap
|
page read and write
|
||
|
15FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page execute and read and write
|
||
|
56B3000
|
heap
|
page read and write
|
||
|
E3B000
|
stack
|
page read and write
|
||
|
1141000
|
heap
|
page read and write
|
||
|
1164000
|
heap
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
15DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
119D000
|
heap
|
page read and write
|
||
|
56B8000
|
heap
|
page read and write
|
||
|
D03000
|
heap
|
page read and write
|
||
|
1162000
|
heap
|
page read and write
|
||
|
117D000
|
heap
|
page read and write
|
||
|
10F1000
|
heap
|
page read and write
|
||
|
1173000
|
heap
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
141F000
|
stack
|
page read and write
|
||
|
15D2000
|
trusted library allocation
|
page read and write
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
CA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1166000
|
heap
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
10FA000
|
heap
|
page read and write
|
||
|
15BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
57F0000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
68AE000
|
stack
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
DCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F2000
|
heap
|
page read and write
|
||
|
CAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
111C000
|
heap
|
page read and write
|
||
|
DDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1145000
|
heap
|
page read and write
|
||
|
5009000
|
stack
|
page read and write
|
||
|
4FCC000
|
stack
|
page read and write
|
||
|
5950000
|
heap
|
page read and write
|
||
|
1166000
|
heap
|
page read and write
|
||
|
1179000
|
heap
|
page read and write
|
||
|
1141000
|
heap
|
page read and write
|
||
|
DC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
1156000
|
heap
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
338E000
|
trusted library allocation
|
page read and write
|
||
|
8940000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page execute and read and write
|
||
|
56BB000
|
heap
|
page read and write
|
||
|
F3B000
|
stack
|
page read and write
|
||
|
1103000
|
heap
|
page read and write
|
||
|
1162000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page execute and read and write
|
||
|
10F7000
|
heap
|
page read and write
|
||
|
10D1000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
556F000
|
stack
|
page read and write
|
||
|
56CA000
|
heap
|
page read and write
|
||
|
2A8F000
|
stack
|
page read and write
|
||
|
1085000
|
heap
|
page read and write
|
||
|
113F000
|
heap
|
page read and write
|
||
|
50EE000
|
stack
|
page read and write
|
||
|
1155000
|
heap
|
page read and write
|
||
|
115D000
|
heap
|
page read and write
|
||
|
CCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
111C000
|
heap
|
page read and write
|
||
|
107F000
|
stack
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
8A4E000
|
stack
|
page read and write
|
||
|
56B3000
|
heap
|
page read and write
|
||
|
10F6000
|
heap
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
114A000
|
heap
|
page read and write
|
||
|
114C000
|
heap
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
298E000
|
stack
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
D3A000
|
stack
|
page read and write
|
||
|
C9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
4DFE000
|
stack
|
page read and write
|
||
|
15E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EAC000
|
stack
|
page read and write
|
||
|
114B000
|
heap
|
page read and write
|
||
|
57F3000
|
heap
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
132D000
|
stack
|
page read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
FF2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1145000
|
heap
|
page read and write
|
||
|
5940000
|
trusted library allocation
|
page execute and read and write
|
||
|
15EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1107000
|
heap
|
page read and write
|
||
|
15B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
8DCC000
|
stack
|
page read and write
|
||
|
117B000
|
heap
|
page read and write
|
||
|
2EA5000
|
trusted library allocation
|
page read and write
|
||
|
15D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1171000
|
heap
|
page read and write
|
||
|
113F000
|
heap
|
page read and write
|
||
|
6DAB000
|
stack
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
B69000
|
stack
|
page read and write
|
There are 438 hidden memdumps, click here to show them.