Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
wIJ2SPVh6Y.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\wIJ2SPVh6Y.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\wIJ2SPVh6Y.exe
|
"C:\Users\user\Desktop\wIJ2SPVh6Y.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7476 -s 80
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
|
||
|
https://www.sysinternals.com0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
198.42.118.111
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
198.42.118.111
|
doddyfire.linkpc.net
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
33B1000
|
trusted library allocation
|
page read and write
|
|
|
|
B82000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
A3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
E22000
|
trusted library allocation
|
page execute and read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
688E000
|
stack
|
page read and write
|
||
|
4321000
|
trusted library allocation
|
page read and write
|
||
|
4F82000
|
heap
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
EE6000
|
heap
|
page read and write
|
||
|
BD4000
|
heap
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
B27000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
EE2000
|
heap
|
page read and write
|
||
|
2FBF000
|
stack
|
page read and write
|
||
|
6FCE000
|
stack
|
page read and write
|
||
|
6290000
|
heap
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
10F7000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
B17000
|
heap
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
4F8E000
|
heap
|
page read and write
|
||
|
15FF000
|
stack
|
page read and write
|
||
|
BCD000
|
heap
|
page read and write
|
||
|
54FE000
|
stack
|
page read and write
|
||
|
462000
|
unkown
|
page readonly
|
||
|
B33000
|
heap
|
page read and write
|
||
|
B86000
|
heap
|
page read and write
|
||
|
B1F000
|
heap
|
page read and write
|
||
|
B6D000
|
heap
|
page read and write
|
||
|
E37000
|
trusted library allocation
|
page execute and read and write
|
||
|
C9B000
|
heap
|
page read and write
|
||
|
B7A000
|
heap
|
page read and write
|
||
|
B71000
|
heap
|
page read and write
|
||
|
CDE000
|
unkown
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
EE9000
|
heap
|
page read and write
|
||
|
B8A000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
BD3000
|
heap
|
page read and write
|
||
|
112B000
|
trusted library allocation
|
page execute and read and write
|
||
|
58BC000
|
stack
|
page read and write
|
||
|
62A0000
|
heap
|
page read and write
|
||
|
B7D000
|
heap
|
page read and write
|
||
|
A22000
|
trusted library allocation
|
page execute and read and write
|
||
|
1672000
|
trusted library allocation
|
page read and write
|
||
|
4F88000
|
heap
|
page read and write
|
||
|
B39000
|
heap
|
page read and write
|
||
|
6ECE000
|
stack
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
B89000
|
heap
|
page read and write
|
||
|
822F000
|
stack
|
page read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
B01000
|
heap
|
page read and write
|
||
|
680E000
|
stack
|
page read and write
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
B89000
|
heap
|
page read and write
|
||
|
51AC000
|
stack
|
page read and write
|
||
|
B4A000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
16DE000
|
stack
|
page read and write
|
||
|
2C78000
|
trusted library allocation
|
page read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
4F9A000
|
heap
|
page read and write
|
||
|
84AC000
|
stack
|
page read and write
|
||
|
1136000
|
stack
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
C9F000
|
heap
|
page read and write
|
||
|
B76000
|
heap
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
1112000
|
trusted library allocation
|
page execute and read and write
|
||
|
1617000
|
heap
|
page read and write
|
||
|
8120000
|
trusted library section
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
13C8000
|
heap
|
page read and write
|
||
|
13FF000
|
heap
|
page read and write
|
||
|
6E8E000
|
stack
|
page read and write
|
||
|
BDC000
|
heap
|
page read and write
|
||
|
8F3000
|
stack
|
page read and write
|
||
|
33AE000
|
trusted library allocation
|
page read and write
|
||
|
167A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1470000
|
trusted library allocation
|
page execute and read and write
|
||
|
169B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
1438000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
4F98000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
BAE000
|
heap
|
page read and write
|
||
|
4F1E000
|
stack
|
page read and write
|
||
|
4F8B000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
B26000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
5610000
|
trusted library section
|
page readonly
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page read and write
|
||
|
B37000
|
heap
|
page read and write
|
||
|
5280000
|
heap
|
page read and write
|
||
|
1710000
|
heap
|
page execute and read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
670E000
|
stack
|
page read and write
|
||
|
BDB000
|
heap
|
page read and write
|
||
|
4880000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
B29000
|
heap
|
page read and write
|
||
|
5135000
|
heap
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
846E000
|
stack
|
page read and write
|
||
|
1677000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F8B000
|
heap
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
53FB000
|
stack
|
page read and write
|
||
|
B4D000
|
heap
|
page read and write
|
||
|
B82000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
51EB000
|
stack
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
B4B000
|
heap
|
page read and write
|
||
|
4FC0000
|
trusted library section
|
page readonly
|
||
|
A52000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AB0000
|
heap
|
page read and write
|
||
|
4F73000
|
heap
|
page read and write
|
||
|
3BE1000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page execute and read and write
|
||
|
EFC000
|
heap
|
page read and write
|
||
|
ED8000
|
heap
|
page read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
33F5000
|
trusted library allocation
|
page read and write
|
||
|
966000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
700E000
|
stack
|
page read and write
|
||
|
1316000
|
heap
|
page read and write
|
||
|
312E000
|
trusted library allocation
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
4F82000
|
heap
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
166A000
|
trusted library allocation
|
page execute and read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
4F9B000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
B82000
|
heap
|
page read and write
|
||
|
B6D000
|
heap
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
B79000
|
heap
|
page read and write
|
||
|
5935000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
39C000
|
stack
|
page read and write
|
||
|
832F000
|
stack
|
page read and write
|
||
|
C97000
|
heap
|
page read and write
|
||
|
166C000
|
trusted library allocation
|
page execute and read and write
|
||
|
5900000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
836E000
|
stack
|
page read and write
|
||
|
A67000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
52E3000
|
heap
|
page read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
30E8000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page execute and read and write
|
||
|
94E000
|
unkown
|
page read and write
|
||
|
1697000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FBB000
|
stack
|
page read and write
|
||
|
13CE000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
E48000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
52F0000
|
unclassified section
|
page read and write
|
||
|
1642000
|
trusted library allocation
|
page execute and read and write
|
||
|
B76000
|
heap
|
page read and write
|
||
|
5269000
|
stack
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
A32000
|
trusted library allocation
|
page execute and read and write
|
||
|
1662000
|
trusted library allocation
|
page execute and read and write
|
||
|
52E0000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
86EE000
|
stack
|
page read and write
|
||
|
6D8E000
|
stack
|
page read and write
|
||
|
E12000
|
trusted library allocation
|
page execute and read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
BCE000
|
heap
|
page read and write
|
||
|
164A000
|
trusted library allocation
|
page execute and read and write
|
||
|
E76000
|
heap
|
page read and write
|
||
|
9BA000
|
stack
|
page read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
103A000
|
stack
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
6D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1458000
|
heap
|
page read and write
|
||
|
B39000
|
heap
|
page read and write
|
||
|
B39000
|
heap
|
page read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
69A2000
|
trusted library allocation
|
page read and write
|
||
|
B38000
|
heap
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
4F8B000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
D60000
|
heap
|
page read and write
|
||
|
B37000
|
heap
|
page read and write
|
||
|
1463000
|
heap
|
page read and write
|
||
|
1139000
|
stack
|
page read and write
|
||
|
B4A000
|
heap
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
655E000
|
stack
|
page read and write
|
||
|
DDF000
|
stack
|
page read and write
|
||
|
B01000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
BDD000
|
heap
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
BDA000
|
heap
|
page read and write
|
||
|
710F000
|
stack
|
page read and write
|
||
|
6C20000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
5950000
|
heap
|
page read and write
|
||
|
B37000
|
heap
|
page read and write
|
||
|
A2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
C28000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
85ED000
|
stack
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
B37000
|
heap
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
50FD000
|
stack
|
page read and write
|
||
|
B88000
|
heap
|
page read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
4F8B000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
8F9000
|
stack
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
1328000
|
trusted library allocation
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
CB1000
|
heap
|
page read and write
|
||
|
BD3000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
8110000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
B7D000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
85AC000
|
stack
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
4F99000
|
heap
|
page read and write
|
||
|
2C71000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
B76000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
4F8D000
|
heap
|
page read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
50A000
|
stack
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
7F3F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1020000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
B26000
|
heap
|
page read and write
|
||
|
140B000
|
heap
|
page read and write
|
||
|
EF1000
|
heap
|
page read and write
|
||
|
BD3000
|
heap
|
page read and write
|
||
|
C5E000
|
heap
|
page read and write
|
||
|
B79000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
BAE000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
5A9D000
|
stack
|
page read and write
|
||
|
168A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
A3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
BB1000
|
heap
|
page read and write
|
||
|
B4A000
|
heap
|
page read and write
|
||
|
582F000
|
stack
|
page read and write
|
||
|
B73000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
1682000
|
trusted library allocation
|
page execute and read and write
|
||
|
B8A000
|
heap
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
B2B000
|
stack
|
page read and write
|
||
|
2BE1000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
B7D000
|
heap
|
page read and write
|
||
|
B6D000
|
heap
|
page read and write
|
||
|
BDE000
|
heap
|
page read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
B83000
|
heap
|
page read and write
|
||
|
5993000
|
heap
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
B7D000
|
heap
|
page read and write
|
||
|
B6D000
|
heap
|
page read and write
|
||
|
143C000
|
heap
|
page read and write
|
||
|
AF1000
|
heap
|
page read and write
|
||
|
B8A000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
B28000
|
heap
|
page read and write
|
||
|
30C4000
|
trusted library allocation
|
page read and write
|
||
|
B39000
|
heap
|
page read and write
|
||
|
BDB000
|
heap
|
page read and write
|
||
|
4F8B000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
B7A000
|
heap
|
page read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
4FF5000
|
heap
|
page read and write
|
||
|
A62000
|
trusted library allocation
|
page read and write
|
||
|
BCC000
|
heap
|
page read and write
|
||
|
310B000
|
trusted library allocation
|
page read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
C2E000
|
heap
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
1122000
|
trusted library allocation
|
page read and write
|
||
|
59B000
|
stack
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
E2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
E3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F0F000
|
stack
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
522C000
|
stack
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
A4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1127000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F84000
|
heap
|
page read and write
|
||
|
B4A000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
BDE000
|
heap
|
page read and write
|
||
|
B8B000
|
heap
|
page read and write
|
||
|
B26000
|
heap
|
page read and write
|
||
|
B01000
|
heap
|
page read and write
|
||
|
A42000
|
trusted library allocation
|
page read and write
|
||
|
B89000
|
heap
|
page read and write
|
||
|
A5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F1F000
|
stack
|
page read and write
|
||
|
2C6E000
|
trusted library allocation
|
page read and write
|
||
|
4F97000
|
heap
|
page read and write
|
||
|
E1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B7D000
|
heap
|
page read and write
|
||
|
111A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A47000
|
trusted library allocation
|
page execute and read and write
|
||
|
A6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
101F000
|
stack
|
page read and write
|
||
|
B8F000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
866E000
|
stack
|
page read and write
|
||
|
4F8D000
|
heap
|
page read and write
|
There are 411 hidden memdumps, click here to show them.