Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
on2JggGo0k.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\on2JggGo0k.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\on2JggGo0k.exe
|
"C:\Users\user\Desktop\on2JggGo0k.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2324 -s 84
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
|
||
|
https://www.sysinternals.com0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
160.177.56.173
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
160.177.56.173
|
doddyfire.linkpc.net
|
Morocco
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2CD1000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3131000
|
trusted library allocation
|
page read and write
|
|
|
|
E32000
|
trusted library allocation
|
page read and write
|
||
|
3154000
|
heap
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
689E000
|
stack
|
page read and write
|
||
|
6930000
|
trusted library allocation
|
page read and write
|
||
|
30D6000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
5295000
|
heap
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
F3B000
|
stack
|
page read and write
|
||
|
B1C000
|
heap
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
30A7000
|
heap
|
page read and write
|
||
|
2BF8000
|
trusted library allocation
|
page read and write
|
||
|
8F9000
|
stack
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
6590000
|
trusted library section
|
page read and write
|
||
|
30B1000
|
heap
|
page read and write
|
||
|
33D000
|
stack
|
page read and write
|
||
|
1048000
|
trusted library allocation
|
page read and write
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
30B3000
|
heap
|
page read and write
|
||
|
54CF000
|
heap
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
6830000
|
heap
|
page read and write
|
||
|
30AF000
|
heap
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
3CD1000
|
trusted library allocation
|
page read and write
|
||
|
703E000
|
stack
|
page read and write
|
||
|
3153000
|
heap
|
page read and write
|
||
|
B18000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
5153000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
54CF000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page execute and read and write
|
||
|
D72000
|
trusted library allocation
|
page read and write
|
||
|
30BA000
|
heap
|
page read and write
|
||
|
30B4000
|
heap
|
page read and write
|
||
|
3536000
|
heap
|
page read and write
|
||
|
11F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
30A7000
|
heap
|
page read and write
|
||
|
4D3E000
|
stack
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
30A7000
|
heap
|
page read and write
|
||
|
30E5000
|
heap
|
page read and write
|
||
|
D62000
|
trusted library allocation
|
page execute and read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
1027000
|
heap
|
page read and write
|
||
|
D32000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
4FB9000
|
stack
|
page read and write
|
||
|
121B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
30D9000
|
heap
|
page read and write
|
||
|
D23000
|
trusted library allocation
|
page read and write
|
||
|
5500000
|
trusted library section
|
page readonly
|
||
|
733E000
|
stack
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
3175000
|
trusted library allocation
|
page read and write
|
||
|
A9E000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
54C3000
|
heap
|
page read and write
|
||
|
869C000
|
stack
|
page read and write
|
||
|
30BA000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
2D6C000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
555C000
|
stack
|
page read and write
|
||
|
3B61000
|
trusted library allocation
|
page read and write
|
||
|
30DB000
|
heap
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
EA5000
|
heap
|
page read and write
|
||
|
2BA5000
|
heap
|
page read and write
|
||
|
5140000
|
trusted library allocation
|
page execute and read and write
|
||
|
30E9000
|
heap
|
page read and write
|
||
|
30B3000
|
heap
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
2B61000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
30AE000
|
heap
|
page read and write
|
||
|
54C1000
|
heap
|
page read and write
|
||
|
D57000
|
trusted library allocation
|
page execute and read and write
|
||
|
310F000
|
heap
|
page read and write
|
||
|
5130000
|
heap
|
page read and write
|
||
|
E0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
FAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
3159000
|
heap
|
page read and write
|
||
|
E22000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
D3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1056000
|
heap
|
page read and write
|
||
|
E0E000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
102F000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30B9000
|
heap
|
page read and write
|
||
|
30D9000
|
heap
|
page read and write
|
||
|
ACF000
|
heap
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
E17000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
675D000
|
stack
|
page read and write
|
||
|
CAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5150000
|
heap
|
page read and write
|
||
|
54C2000
|
heap
|
page read and write
|
||
|
3094000
|
heap
|
page read and write
|
||
|
6F3F000
|
stack
|
page read and write
|
||
|
30AD000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
4DD0000
|
heap
|
page read and write
|
||
|
1202000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
30EA000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
E39000
|
heap
|
page read and write
|
||
|
3154000
|
heap
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
2EFB000
|
stack
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
4F1B000
|
stack
|
page read and write
|
||
|
6580000
|
heap
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
E0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
30DD000
|
heap
|
page read and write
|
||
|
315E000
|
heap
|
page read and write
|
||
|
F77000
|
heap
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
D42000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page execute and read and write
|
||
|
30DB000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
4D7E000
|
stack
|
page read and write
|
||
|
4F5C000
|
stack
|
page read and write
|
||
|
50A5000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
F9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B0B000
|
stack
|
page read and write
|
||
|
72FC000
|
stack
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
30AD000
|
heap
|
page read and write
|
||
|
6360000
|
heap
|
page read and write
|
||
|
50DC000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
30B6000
|
heap
|
page read and write
|
||
|
30E7000
|
heap
|
page read and write
|
||
|
3074000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
50A0000
|
heap
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
E2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
30BA000
|
heap
|
page read and write
|
||
|
30EC000
|
heap
|
page read and write
|
||
|
11F2000
|
trusted library allocation
|
page read and write
|
||
|
30CD000
|
heap
|
page read and write
|
||
|
315E000
|
heap
|
page read and write
|
||
|
30B9000
|
heap
|
page read and write
|
||
|
30EA000
|
heap
|
page read and write
|
||
|
30EB000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
1217000
|
trusted library allocation
|
page execute and read and write
|
||
|
F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B9000
|
stack
|
page read and write
|
||
|
550F000
|
trusted library section
|
page readonly
|
||
|
30BC000
|
heap
|
page read and write
|
||
|
30EC000
|
heap
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
30B7000
|
heap
|
page read and write
|
||
|
30CD000
|
heap
|
page read and write
|
||
|
D77000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
30B8000
|
heap
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
30DB000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
54C8000
|
heap
|
page read and write
|
||
|
315E000
|
heap
|
page read and write
|
||
|
30E9000
|
heap
|
page read and write
|
||
|
6FA000
|
stack
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
E1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
120A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D49000
|
trusted library allocation
|
page read and write
|
||
|
30DC000
|
heap
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BFE000
|
stack
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
30B9000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
102B000
|
heap
|
page read and write
|
||
|
315D000
|
heap
|
page read and write
|
||
|
30E4000
|
heap
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
30ED000
|
heap
|
page read and write
|
||
|
30E4000
|
heap
|
page read and write
|
||
|
685E000
|
stack
|
page read and write
|
||
|
30D9000
|
heap
|
page read and write
|
||
|
30DF000
|
heap
|
page read and write
|
||
|
D98000
|
heap
|
page read and write
|
||
|
11AF000
|
stack
|
page read and write
|
||
|
335E000
|
stack
|
page read and write
|
||
|
E12000
|
trusted library allocation
|
page read and write
|
||
|
30D3000
|
heap
|
page read and write
|
||
|
694E000
|
stack
|
page read and write
|
||
|
505B000
|
stack
|
page read and write
|
||
|
54C2000
|
heap
|
page read and write
|
||
|
5610000
|
heap
|
page read and write
|
||
|
F92000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FB30000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
D4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
525D000
|
stack
|
page read and write
|
||
|
E02000
|
trusted library allocation
|
page execute and read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
4DCE000
|
stack
|
page read and write
|
||
|
3111000
|
heap
|
page read and write
|
||
|
1036000
|
heap
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
707E000
|
stack
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
54D5000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
30DA000
|
heap
|
page read and write
|
||
|
40A1000
|
trusted library allocation
|
page read and write
|
||
|
30AD000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
4CFE000
|
stack
|
page read and write
|
||
|
30D5000
|
heap
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
30B1000
|
heap
|
page read and write
|
||
|
104D000
|
heap
|
page read and write
|
||
|
D6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
B99000
|
stack
|
page read and write
|
||
|
3159000
|
heap
|
page read and write
|
||
|
4E50000
|
heap
|
page read and write
|
||
|
FAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BEE000
|
trusted library allocation
|
page read and write
|
||
|
30E9000
|
heap
|
page read and write
|
||
|
512000
|
unkown
|
page readonly
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
C90000
|
trusted library allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30ED000
|
heap
|
page read and write
|
||
|
4F73000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
69AD000
|
stack
|
page read and write
|
||
|
100C000
|
stack
|
page read and write
|
||
|
E37000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C3E000
|
stack
|
page read and write
|
||
|
B96000
|
stack
|
page read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
54A1000
|
heap
|
page read and write
|
||
|
5020000
|
unclassified section
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
3151000
|
heap
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
30CD000
|
heap
|
page read and write
|
||
|
54C5000
|
heap
|
page read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
30B8000
|
heap
|
page read and write
|
||
|
315E000
|
heap
|
page read and write
|
||
|
11FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
312E000
|
trusted library allocation
|
page read and write
|
||
|
4EDC000
|
stack
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
306B000
|
heap
|
page read and write
|
||
|
567D000
|
stack
|
page read and write
|
||
|
54CF000
|
heap
|
page read and write
|
||
|
3111000
|
heap
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
30D9000
|
heap
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
325E000
|
unkown
|
page read and write
|
||
|
30BA000
|
heap
|
page read and write
|
||
|
AFB000
|
heap
|
page read and write
|
||
|
30DF000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
54CF000
|
heap
|
page read and write
|
||
|
30B7000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page execute and read and write
|
||
|
30B5000
|
heap
|
page read and write
|
||
|
30DB000
|
heap
|
page read and write
|
||
|
30EC000
|
heap
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
30E7000
|
heap
|
page read and write
|
||
|
30B6000
|
heap
|
page read and write
|
||
|
30E2000
|
heap
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
2BF1000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
B38000
|
heap
|
page read and write
|
||
|
30E4000
|
heap
|
page read and write
|
||
|
30B9000
|
heap
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
5513000
|
heap
|
page read and write
|
||
|
539F000
|
stack
|
page read and write
|
||
|
1010000
|
heap
|
page execute and read and write
|
||
|
2EF4000
|
stack
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
3156000
|
heap
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
3151000
|
heap
|
page read and write
|
||
|
30DD000
|
heap
|
page read and write
|
||
|
315E000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
6D3E000
|
stack
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
5575000
|
heap
|
page read and write
|
||
|
30B4000
|
heap
|
page read and write
|
||
|
A99000
|
stack
|
page read and write
|
||
|
30CE000
|
heap
|
page read and write
|
||
|
30AA000
|
heap
|
page read and write
|
||
|
D7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
138F000
|
stack
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
30B6000
|
heap
|
page read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
FBE000
|
heap
|
page read and write
|
||
|
3097000
|
heap
|
page read and write
|
||
|
2BEE000
|
unkown
|
page read and write
|
||
|
6820000
|
heap
|
page read and write
|
||
|
879E000
|
stack
|
page read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
7F6000
|
stack
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
3157000
|
heap
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
72BE000
|
stack
|
page read and write
|
||
|
5060000
|
trusted library section
|
page readonly
|
||
|
E3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D39000
|
trusted library allocation
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
310E000
|
heap
|
page read and write
|
||
|
6E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
30EF000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
2D24000
|
trusted library allocation
|
page read and write
|
||
|
298E000
|
stack
|
page read and write
|
||
|
315B000
|
heap
|
page read and write
|
||
|
81C0000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page execute and read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
30A1000
|
trusted library allocation
|
page read and write
|
||
|
30EB000
|
heap
|
page read and write
|
||
|
6A62000
|
trusted library allocation
|
page read and write
|
||
|
CA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
DFE000
|
stack
|
page read and write
|
There are 404 hidden memdumps, click here to show them.