Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
1IPG5H92Qv.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\1IPG5H92Qv.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\1IPG5H92Qv.exe
|
"C:\Users\user\Desktop\1IPG5H92Qv.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 3184 -s 80
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
|
||
|
https://www.sysinternals.com0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
198.42.118.111
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
198.42.118.111
|
doddyfire.linkpc.net
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2871000
|
trusted library allocation
|
page read and write
|
|
|
|
5023000
|
heap
|
page read and write
|
||
|
8D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FC000
|
heap
|
page read and write
|
||
|
37F6000
|
heap
|
page read and write
|
||
|
5239000
|
stack
|
page read and write
|
||
|
5A21000
|
heap
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
16E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
38A6000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
15D9000
|
heap
|
page read and write
|
||
|
14E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
3861000
|
heap
|
page read and write
|
||
|
286E000
|
trusted library allocation
|
page read and write
|
||
|
37C1000
|
heap
|
page read and write
|
||
|
6B0000
|
trusted library allocation
|
page read and write
|
||
|
35E2000
|
trusted library allocation
|
page read and write
|
||
|
4FC5000
|
heap
|
page read and write
|
||
|
1810000
|
heap
|
page read and write
|
||
|
382B000
|
heap
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
3804000
|
heap
|
page read and write
|
||
|
1507000
|
trusted library allocation
|
page execute and read and write
|
||
|
121B000
|
trusted library allocation
|
page execute and read and write
|
||
|
58FF000
|
stack
|
page read and write
|
||
|
506E000
|
stack
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page execute and read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
FFB000
|
stack
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
39A0000
|
heap
|
page read and write
|
||
|
3802000
|
heap
|
page read and write
|
||
|
35CE000
|
unkown
|
page read and write
|
||
|
4A1E000
|
stack
|
page read and write
|
||
|
156F000
|
stack
|
page read and write
|
||
|
5B5D000
|
stack
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
3832000
|
heap
|
page read and write
|
||
|
1206000
|
heap
|
page read and write
|
||
|
38AB000
|
heap
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
383E000
|
heap
|
page read and write
|
||
|
6FFE000
|
stack
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
1830000
|
heap
|
page read and write
|
||
|
5BA0000
|
heap
|
page read and write
|
||
|
37FE000
|
heap
|
page read and write
|
||
|
3861000
|
heap
|
page read and write
|
||
|
3823000
|
heap
|
page read and write
|
||
|
3840000
|
heap
|
page read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
59DF000
|
stack
|
page read and write
|
||
|
5A9000
|
stack
|
page read and write
|
||
|
5900000
|
heap
|
page read and write
|
||
|
3829000
|
heap
|
page read and write
|
||
|
37F6000
|
heap
|
page read and write
|
||
|
8B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A2C000
|
heap
|
page read and write
|
||
|
5A26000
|
heap
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
381E000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
5A3A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3828000
|
heap
|
page read and write
|
||
|
3839000
|
heap
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
819E000
|
stack
|
page read and write
|
||
|
4C0E000
|
stack
|
page read and write
|
||
|
859D000
|
stack
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
382F000
|
heap
|
page read and write
|
||
|
5A37000
|
heap
|
page read and write
|
||
|
855C000
|
stack
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
4AA000
|
stack
|
page read and write
|
||
|
6EBE000
|
stack
|
page read and write
|
||
|
841F000
|
stack
|
page read and write
|
||
|
8DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
383E000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
932000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C2E000
|
stack
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
1BA000
|
stack
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
6D59000
|
heap
|
page read and write
|
||
|
8F0000
|
trusted library allocation
|
page read and write
|
||
|
37EF000
|
heap
|
page read and write
|
||
|
4D80000
|
trusted library section
|
page readonly
|
||
|
38AE000
|
heap
|
page read and write
|
||
|
1522000
|
trusted library allocation
|
page execute and read and write
|
||
|
382A000
|
heap
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
8CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
5130000
|
heap
|
page read and write
|
||
|
6D30000
|
heap
|
page read and write
|
||
|
F24000
|
heap
|
page read and write
|
||
|
16C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
35EF000
|
trusted library allocation
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
50A0000
|
heap
|
page read and write
|
||
|
678E000
|
stack
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
3800000
|
heap
|
page read and write
|
||
|
512D000
|
stack
|
page read and write
|
||
|
3823000
|
heap
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
3837000
|
heap
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page read and write
|
||
|
16C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
3809000
|
heap
|
page read and write
|
||
|
3862000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
16FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
5B95000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page execute and read and write
|
||
|
6D4E000
|
heap
|
page read and write
|
||
|
15C2000
|
heap
|
page read and write
|
||
|
37B0000
|
heap
|
page read and write
|
||
|
91A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
4F0F000
|
stack
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
383B000
|
heap
|
page read and write
|
||
|
636E000
|
stack
|
page read and write
|
||
|
91C000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC4000
|
heap
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
173E000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page execute and read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
81DE000
|
stack
|
page read and write
|
||
|
50A3000
|
heap
|
page read and write
|
||
|
3804000
|
heap
|
page read and write
|
||
|
2BA8000
|
trusted library allocation
|
page read and write
|
||
|
922000
|
trusted library allocation
|
page read and write
|
||
|
57FF000
|
stack
|
page read and write
|
||
|
4D6D000
|
stack
|
page read and write
|
||
|
3837000
|
heap
|
page read and write
|
||
|
15BA000
|
heap
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
809E000
|
stack
|
page read and write
|
||
|
60A0000
|
trusted library allocation
|
page read and write
|
||
|
4A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
942000
|
trusted library allocation
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
141E000
|
stack
|
page read and write
|
||
|
16CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
37E6000
|
heap
|
page read and write
|
||
|
381D000
|
heap
|
page read and write
|
||
|
3808000
|
heap
|
page read and write
|
||
|
106B000
|
stack
|
page read and write
|
||
|
31EB000
|
stack
|
page read and write
|
||
|
153B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
831E000
|
stack
|
page read and write
|
||
|
4C63000
|
heap
|
page read and write
|
||
|
10AD000
|
unkown
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
16B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
5BB0000
|
heap
|
page read and write
|
||
|
E15000
|
heap
|
page read and write
|
||
|
69B2000
|
trusted library allocation
|
page read and write
|
||
|
70FE000
|
stack
|
page read and write
|
||
|
3861000
|
heap
|
page read and write
|
||
|
38A4000
|
heap
|
page read and write
|
||
|
37F9000
|
heap
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
382B000
|
heap
|
page read and write
|
||
|
94B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5200000
|
heap
|
page read and write
|
||
|
15BE000
|
heap
|
page read and write
|
||
|
92A000
|
trusted library allocation
|
page execute and read and write
|
||
|
38AC000
|
heap
|
page read and write
|
||
|
2F71000
|
trusted library allocation
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
383B000
|
heap
|
page read and write
|
||
|
383E000
|
heap
|
page read and write
|
||
|
62B0000
|
heap
|
page read and write
|
||
|
361D000
|
stack
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
912000
|
trusted library allocation
|
page execute and read and write
|
||
|
3809000
|
heap
|
page read and write
|
||
|
1212000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
trusted library allocation
|
page read and write
|
||
|
3807000
|
heap
|
page read and write
|
||
|
1290000
|
heap
|
page execute and read and write
|
||
|
4F60000
|
trusted library section
|
page readonly
|
||
|
37B8000
|
heap
|
page read and write
|
||
|
86D0000
|
heap
|
page read and write
|
||
|
3828000
|
heap
|
page read and write
|
||
|
38AA000
|
heap
|
page read and write
|
||
|
11EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
37E1000
|
trusted library allocation
|
page read and write
|
||
|
51BB000
|
stack
|
page read and write
|
||
|
37F9000
|
heap
|
page read and write
|
||
|
382B000
|
heap
|
page read and write
|
||
|
5164000
|
heap
|
page read and write
|
||
|
37F1000
|
heap
|
page read and write
|
||
|
383E000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
626000
|
heap
|
page read and write
|
||
|
869F000
|
stack
|
page read and write
|
||
|
77D000
|
stack
|
page read and write
|
||
|
14EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
108F000
|
stack
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
383A000
|
heap
|
page read and write
|
||
|
4C4E000
|
stack
|
page read and write
|
||
|
3441000
|
trusted library allocation
|
page read and write
|
||
|
19D0000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
38AA000
|
heap
|
page read and write
|
||
|
F35000
|
heap
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page read and write
|
||
|
FAA000
|
stack
|
page read and write
|
||
|
10C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3825000
|
heap
|
page read and write
|
||
|
37E9000
|
heap
|
page read and write
|
||
|
947000
|
trusted library allocation
|
page execute and read and write
|
||
|
37F6000
|
heap
|
page read and write
|
||
|
BDB000
|
stack
|
page read and write
|
||
|
3805000
|
heap
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
593E000
|
stack
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
3839000
|
heap
|
page read and write
|
||
|
621E000
|
stack
|
page read and write
|
||
|
51FC000
|
stack
|
page read and write
|
||
|
3802000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
55B0000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
249F000
|
stack
|
page read and write
|
||
|
5A2B000
|
heap
|
page read and write
|
||
|
1558000
|
heap
|
page read and write
|
||
|
10BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
383C000
|
heap
|
page read and write
|
||
|
52B0000
|
unclassified section
|
page read and write
|
||
|
150A000
|
trusted library allocation
|
page execute and read and write
|
||
|
67C000
|
stack
|
page read and write
|
||
|
4D00000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
583E000
|
stack
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
93A000
|
trusted library allocation
|
page execute and read and write
|
||
|
37F9000
|
heap
|
page read and write
|
||
|
3808000
|
heap
|
page read and write
|
||
|
4441000
|
trusted library allocation
|
page read and write
|
||
|
27E1000
|
trusted library allocation
|
page read and write
|
||
|
381C000
|
heap
|
page read and write
|
||
|
6E40000
|
trusted library allocation
|
page read and write
|
||
|
17F0000
|
heap
|
page read and write
|
||
|
48DE000
|
stack
|
page read and write
|
||
|
382A000
|
heap
|
page read and write
|
||
|
158E000
|
heap
|
page read and write
|
||
|
11E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
1485000
|
heap
|
page read and write
|
||
|
3809000
|
heap
|
page read and write
|
||
|
37F9000
|
heap
|
page read and write
|
||
|
845B000
|
stack
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A21000
|
heap
|
page read and write
|
||
|
3840000
|
heap
|
page read and write
|
||
|
178E000
|
stack
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
8E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
96E000
|
heap
|
page read and write
|
||
|
62A000
|
heap
|
page read and write
|
||
|
38A7000
|
heap
|
page read and write
|
||
|
4E15000
|
heap
|
page read and write
|
||
|
2BA1000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
3760000
|
heap
|
page read and write
|
||
|
19DF000
|
trusted library allocation
|
page read and write
|
||
|
3807000
|
heap
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
4D70000
|
heap
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
713E000
|
stack
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
3832000
|
heap
|
page read and write
|
||
|
380B000
|
heap
|
page read and write
|
||
|
11F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
90A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
5A03000
|
heap
|
page read and write
|
||
|
37F6000
|
heap
|
page read and write
|
||
|
3836000
|
heap
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
5A2B000
|
heap
|
page read and write
|
||
|
902000
|
trusted library allocation
|
page execute and read and write
|
||
|
1584000
|
heap
|
page read and write
|
||
|
16F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
5FA0000
|
heap
|
page read and write
|
||
|
3808000
|
heap
|
page read and write
|
||
|
1217000
|
trusted library allocation
|
page execute and read and write
|
||
|
8BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3840000
|
heap
|
page read and write
|
||
|
383C000
|
heap
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
3B11000
|
trusted library allocation
|
page read and write
|
||
|
3807000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4541000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
CD0000
|
heap
|
page execute and read and write
|
||
|
382B000
|
heap
|
page read and write
|
||
|
3613000
|
trusted library allocation
|
page read and write
|
||
|
927000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
16BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
4F9000
|
stack
|
page read and write
|
||
|
517C000
|
stack
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
974000
|
heap
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
57B0000
|
heap
|
page read and write
|
||
|
4A9E000
|
stack
|
page read and write
|
||
|
381F000
|
heap
|
page read and write
|
||
|
13A4000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
37F7000
|
heap
|
page read and write
|
||
|
A2B000
|
heap
|
page read and write
|
||
|
38A5000
|
heap
|
page read and write
|
||
|
3820000
|
heap
|
page read and write
|
||
|
5A2B000
|
heap
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
94E000
|
stack
|
page read and write
|
||
|
5A5B000
|
stack
|
page read and write
|
||
|
39A6000
|
heap
|
page read and write
|
||
|
37F6000
|
heap
|
page read and write
|
||
|
5A39000
|
heap
|
page read and write
|
||
|
137C000
|
stack
|
page read and write
|
||
|
99F000
|
heap
|
page read and write
|
||
|
3824000
|
heap
|
page read and write
|
||
|
9D8000
|
heap
|
page read and write
|
||
|
300A000
|
trusted library allocation
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
382D000
|
heap
|
page read and write
|
||
|
380A000
|
heap
|
page read and write
|
||
|
31E4000
|
stack
|
page read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
3823000
|
heap
|
page read and write
|
||
|
5000000
|
trusted library section
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
8BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
611E000
|
stack
|
page read and write
|
||
|
371E000
|
stack
|
page read and write
|
||
|
381C000
|
heap
|
page read and write
|
||
|
382B000
|
heap
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
1AE4000
|
heap
|
page read and write
|
||
|
5B60000
|
heap
|
page read and write
|
||
|
5B90000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
14FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
10CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3590000
|
trusted library allocation
|
page read and write
|
||
|
63AE000
|
stack
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
2B9E000
|
trusted library allocation
|
page read and write
|
||
|
5B70000
|
trusted library section
|
page readonly
|
||
|
3615000
|
trusted library allocation
|
page read and write
|
||
|
4F4B000
|
stack
|
page read and write
|
||
|
6FBE000
|
stack
|
page read and write
|
||
|
3808000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
14F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
64AF000
|
stack
|
page read and write
|
||
|
5A6000
|
stack
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
688E000
|
stack
|
page read and write
|
||
|
3821000
|
heap
|
page read and write
|
||
|
5BA000
|
heap
|
page read and write
|
||
|
381E000
|
heap
|
page read and write
|
||
|
152A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3541000
|
trusted library allocation
|
page read and write
|
||
|
2FC4000
|
trusted library allocation
|
page read and write
|
||
|
A49000
|
heap
|
page read and write
|
||
|
383C000
|
heap
|
page read and write
|
||
|
138D000
|
heap
|
page read and write
|
||
|
3835000
|
heap
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
9DC000
|
heap
|
page read and write
|
||
|
2FE7000
|
trusted library allocation
|
page read and write
|
||
|
11FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page execute and read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
4C5C000
|
stack
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
19E0000
|
heap
|
page read and write
|
||
|
575F000
|
stack
|
page read and write
|
||
|
1AE6000
|
heap
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
910000
|
trusted library allocation
|
page read and write
|
||
|
5EF000
|
heap
|
page read and write
|
||
|
381F000
|
heap
|
page read and write
|
||
|
1502000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
37C4000
|
heap
|
page read and write
|
||
|
3827000
|
heap
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
5A2B000
|
heap
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
382E000
|
heap
|
page read and write
|
||
|
35D5000
|
heap
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
35D1000
|
trusted library allocation
|
page read and write
|
||
|
12A8000
|
trusted library allocation
|
page read and write
|
||
|
82DE000
|
stack
|
page read and write
|
||
|
382E000
|
heap
|
page read and write
|
||
|
F26000
|
heap
|
page read and write
|
||
|
4444000
|
trusted library allocation
|
page read and write
|
||
|
3830000
|
heap
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
7EE10000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A38000
|
heap
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
166F000
|
stack
|
page read and write
|
||
|
8B0000
|
trusted library allocation
|
page read and write
|
||
|
557B000
|
stack
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
3720000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
14FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
62D000
|
heap
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
626E000
|
stack
|
page read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
16A0000
|
heap
|
page execute and read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
1AE0000
|
heap
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
1537000
|
trusted library allocation
|
page execute and read and write
|
||
|
8AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
968000
|
heap
|
page read and write
|
||
|
35D0000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
381C000
|
heap
|
page read and write
|
||
|
382A000
|
heap
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
193F000
|
stack
|
page read and write
|
||
|
989000
|
stack
|
page read and write
|
||
|
5730000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
3836000
|
heap
|
page read and write
|
||
|
381C000
|
heap
|
page read and write
|
||
|
3F71000
|
trusted library allocation
|
page read and write
|
||
|
1166000
|
stack
|
page read and write
|
||
|
8C2000
|
trusted library allocation
|
page read and write
|
||
|
5A22000
|
heap
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
6D40000
|
heap
|
page read and write
|
||
|
3836000
|
heap
|
page read and write
|
||
|
4F50000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
3839000
|
heap
|
page read and write
|
||
|
D1B000
|
stack
|
page read and write
|
||
|
3836000
|
heap
|
page read and write
|
||
|
8EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
5A2C000
|
heap
|
page read and write
|
There are 511 hidden memdumps, click here to show them.