Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
M9dfZzH3qn.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\kat99F5.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\KEBKJDBAAKJD\CBFCBK
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
modified
|
||
|
C:\ProgramData\KEBKJDBAAKJD\DBFBFB
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\ProgramData\KEBKJDBAAKJD\DGHIDA
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\KEBKJDBAAKJD\DGHJEH
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\ProgramData\KEBKJDBAAKJD\GIIIIJ
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\KEBKJDBAAKJD\IDBAFH
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\ProgramData\KEBKJDBAAKJD\KEBKJD
|
SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4,
UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\sqlt[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\M9dfZzH3qn.exe
|
"C:\Users\user\Desktop\M9dfZzH3qn.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\kat99F5.tmp
|
C:\Users\user\AppData\Local\Temp\kat99F5.tmp
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://t.me/
|
unknown
|
|
|
|
https://steamcommunity.com/profiles/76561199707802586
|
|
||
|
https://t.me/g067n
|
149.154.167.99
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17exe
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dllla
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/Nhttp://www.borland.com/namespaces/Types
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dll
|
unknown
|
||
|
http://www.borland.com/namespaces/TypesJ
|
unknown
|
||
|
https://195.201.251.214:9000/nss3.dll
|
unknown
|
||
|
https://web.telegram.org
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199707802586hellosqlt.dllsqlite3.dll
|
unknown
|
||
|
https://195.201.251.214:9000/
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dllF
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dllD
|
unknown
|
||
|
https://195.201.251.214:9000t.txtoft
|
unknown
|
||
|
https://195.201.251.214:9000/o
|
unknown
|
||
|
https://195.201.251.214/?
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dllge
|
unknown
|
||
|
http://www.borland.com/namespaces/Types7
|
unknown
|
||
|
https://195.201.251.214:9000/j
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://195.201.251.214:9000/Mac
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
https://195.201.251.214:9000/w
|
unknown
|
||
|
https://195.201.251.214:9000/icrosoft
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dll15;
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dllM
|
unknown
|
||
|
https://195.201.251.214:9000Google
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dll)b
|
unknown
|
||
|
http://www.borland.com/namespaces/Types
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17rer.exe
|
unknown
|
||
|
https://t.me/g067n2r
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesc0da53E
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesc0da53F
|
unknown
|
||
|
https://195.201.251.214:9000/al
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dll-
|
unknown
|
||
|
https://195.201.251.214:9000/%
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://195.201.251.214/_
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dll
|
unknown
|
||
|
https://195.201.251.214:9000/softokn3.dll
|
unknown
|
||
|
https://195.201.251.214:9000/rlM
|
unknown
|
||
|
https://t.me/g067nry1neMozilla/5.0
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dllU
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://195.201.251.214:9000/?
|
unknown
|
||
|
https://195.201.251.214:9000g
|
unknown
|
||
|
https://195.201.251.214:9000/nss3.dllr
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://195.201.251.214:9000/9
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dll
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesmmon-cF
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://rpi.net.au/~ajohnson/resourcehacker
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016ost.exe
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://195.201.251.214:9000/vcruntime140.dller
|
unknown
|
||
|
https://195.201.251.214:9000/vcruntime140.dll
|
unknown
|
||
|
https://195.201.251.214:9000f4cle
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dlle
|
unknown
|
||
|
https://195.201.251.214:9000/softokn3.dlle
|
unknown
|
||
|
https://195.201.251.214:9000/lV
|
unknown
|
||
|
https://195.201.251.214:9000/softokn3.dllb
|
unknown
|
||
|
https://195.201.251.214:9000/d
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dllge
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dllf
|
unknown
|
||
|
https://195.201.251.214:9000/a
|
unknown
|
||
|
https://195.201.251.214:9000
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://195.201.251.214:9000/sqlt.dll
|
unknown
|
||
|
https://195.201.251.214:9000ontent-Disposition:
|
unknown
|
||
|
https://195.201.251.214:9000/P
|
unknown
|
||
|
https://195.201.251.214:9000Microsoft
|
unknown
|
There are 70 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
t.me
|
149.154.167.99
|
|
|
|
windowsupdatebg.s.llnwi.net
|
87.248.205.0
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.99
|
t.me
|
United Kingdom
|
|
|
|
195.201.251.214
|
unknown
|
Germany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2B5B000
|
direct allocation
|
page execute and read and write
|
|
|
|
2A50000
|
direct allocation
|
page execute and read and write
|
|
|
|
40A0000
|
direct allocation
|
page read and write
|
|
|
|
2590000
|
direct allocation
|
page execute and read and write
|
|
|
|
A51000
|
heap
|
page read and write
|
||
|
958000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
B33000
|
heap
|
page read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
1FEDF000
|
stack
|
page read and write
|
||
|
97F000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
1D960000
|
remote allocation
|
page read and write
|
||
|
8CA000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
9F3000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
A31000
|
heap
|
page read and write
|
||
|
9E1000
|
heap
|
page read and write
|
||
|
22887000
|
heap
|
page read and write
|
||
|
AF2000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
7A5E000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
2286D000
|
direct allocation
|
page readonly
|
||
|
9E7000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
9B1000
|
heap
|
page read and write
|
||
|
9C2000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
9D7000
|
heap
|
page read and write
|
||
|
947000
|
heap
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
42E3000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
22621000
|
direct allocation
|
page execute read
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
9C6000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
2BB65000
|
heap
|
page read and write
|
||
|
1B3EE000
|
stack
|
page read and write
|
||
|
97D000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
95F000
|
heap
|
page read and write
|
||
|
225CC000
|
stack
|
page read and write
|
||
|
9E1000
|
heap
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
9F3000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9FC000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
9C6000
|
heap
|
page read and write
|
||
|
52D000
|
remote allocation
|
page execute and read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
B33000
|
heap
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
2BA1E000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
2BC2C000
|
heap
|
page read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9E7000
|
heap
|
page read and write
|
||
|
ABD000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
4A9000
|
remote allocation
|
page execute and read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
9E1000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9C6000
|
heap
|
page read and write
|
||
|
7A57000
|
heap
|
page read and write
|
||
|
9F3000
|
heap
|
page read and write
|
||
|
2246E000
|
stack
|
page read and write
|
||
|
9DA000
|
heap
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
9F9000
|
heap
|
page read and write
|
||
|
9B2000
|
heap
|
page read and write
|
||
|
936000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
A2C000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
24A4E000
|
stack
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
2282F000
|
direct allocation
|
page readonly
|
||
|
9C6000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
22786000
|
direct allocation
|
page execute read
|
||
|
9CE000
|
heap
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9D1000
|
heap
|
page read and write
|
||
|
979000
|
heap
|
page read and write
|
||
|
86F000
|
stack
|
page read and write
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
4AF000
|
unkown
|
page write copy
|
||
|
9071000
|
heap
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
9EF000
|
heap
|
page read and write
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
9081000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
A12000
|
heap
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9C3000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
A24000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
294CC000
|
stack
|
page read and write
|
||
|
A18000
|
heap
|
page read and write
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
9EF000
|
heap
|
page read and write
|
||
|
22838000
|
direct allocation
|
page readonly
|
||
|
A7F000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
ABD000
|
heap
|
page read and write
|
||
|
5C8000
|
remote allocation
|
page execute and read and write
|
||
|
25F3000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
9CE000
|
heap
|
page read and write
|
||
|
A24000
|
heap
|
page read and write
|
||
|
2248C000
|
heap
|
page read and write
|
||
|
1FF2E000
|
stack
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
4B4000
|
unkown
|
page readonly
|
||
|
9071000
|
heap
|
page read and write
|
||
|
1432F000
|
stack
|
page read and write
|
||
|
43F000
|
remote allocation
|
page execute and read and write
|
||
|
979000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
18E6E000
|
stack
|
page read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
22628000
|
direct allocation
|
page execute read
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
539000
|
remote allocation
|
page execute and read and write
|
||
|
4B1000
|
remote allocation
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
445000
|
remote allocation
|
page execute and read and write
|
||
|
9C2000
|
heap
|
page read and write
|
||
|
168EE000
|
stack
|
page read and write
|
||
|
A13000
|
heap
|
page read and write
|
||
|
973000
|
heap
|
page read and write
|
||
|
641000
|
remote allocation
|
page execute and read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
93A000
|
heap
|
page read and write
|
||
|
4FA000
|
unkown
|
page readonly
|
||
|
2BC2A000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
2270000
|
direct allocation
|
page read and write
|
||
|
A12000
|
heap
|
page read and write
|
||
|
9DA000
|
heap
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
96A000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
9D1000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
7C0000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
remote allocation
|
page execute and read and write
|
||
|
168AF000
|
stack
|
page read and write
|
||
|
A2B000
|
heap
|
page read and write
|
||
|
1B3AD000
|
stack
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
ABE000
|
heap
|
page read and write
|
||
|
4AC000
|
unkown
|
page write copy
|
||
|
720000
|
heap
|
page read and write
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
2282D000
|
direct allocation
|
page execute read
|
||
|
9CD000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
4F5000
|
unkown
|
page write copy
|
||
|
9B1000
|
heap
|
page read and write
|
||
|
9070000
|
heap
|
page read and write
|
||
|
A12000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9071000
|
heap
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
2286F000
|
direct allocation
|
page readonly
|
||
|
AF2000
|
heap
|
page read and write
|
||
|
AF8000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
50E000
|
remote allocation
|
page execute and read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
AF8000
|
heap
|
page read and write
|
||
|
4F1000
|
unkown
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
973000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
B33000
|
heap
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
224AD000
|
heap
|
page read and write
|
||
|
26F8E000
|
stack
|
page read and write
|
||
|
9DA000
|
heap
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
9DA000
|
heap
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
4A6000
|
remote allocation
|
page execute and read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
968000
|
heap
|
page read and write
|
||
|
AF8000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
92E000
|
heap
|
page read and write
|
||
|
22862000
|
direct allocation
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
1D92E000
|
stack
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
1436E000
|
stack
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
A7D000
|
heap
|
page read and write
|
||
|
4DD000
|
remote allocation
|
page execute and read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
A23000
|
heap
|
page read and write
|
||
|
22610000
|
heap
|
page read and write
|
||
|
9B9000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
AF2000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
AF8000
|
heap
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
23B0000
|
direct allocation
|
page execute and read and write
|
||
|
9E1000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
9DD000
|
heap
|
page read and write
|
||
|
A19000
|
heap
|
page read and write
|
||
|
931000
|
heap
|
page read and write
|
||
|
18E2F000
|
stack
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
9F3000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
A13000
|
heap
|
page read and write
|
||
|
AF2000
|
heap
|
page read and write
|
||
|
4F1000
|
unkown
|
page write copy
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
7A50000
|
heap
|
page read and write
|
||
|
AFB000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
A14000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
973000
|
heap
|
page read and write
|
||
|
9C3000
|
heap
|
page read and write
|
||
|
9C3000
|
heap
|
page read and write
|
||
|
9170000
|
unclassified section
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
A7D000
|
heap
|
page read and write
|
||
|
224ED000
|
heap
|
page read and write
|
||
|
8CE000
|
heap
|
page read and write
|
||
|
92E000
|
heap
|
page read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
9F3000
|
heap
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
9DA000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
AF8000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
11DEF000
|
stack
|
page read and write
|
||
|
965000
|
heap
|
page read and write
|
||
|
9C3000
|
heap
|
page read and write
|
||
|
9A3000
|
heap
|
page read and write
|
||
|
9CD000
|
heap
|
page read and write
|
||
|
22620000
|
trusted library allocation
|
page read and write
|
||
|
9D8000
|
heap
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
9D1000
|
heap
|
page read and write
|
||
|
9A9000
|
heap
|
page read and write
|
||
|
22480000
|
heap
|
page read and write
|
||
|
9DB000
|
heap
|
page read and write
|
||
|
9CE000
|
heap
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
9B1000
|
heap
|
page read and write
|
||
|
AF1000
|
heap
|
page read and write
|
||
|
ABE000
|
heap
|
page read and write
|
||
|
9FC000
|
heap
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
A12000
|
heap
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
A7D000
|
heap
|
page read and write
|
||
|
9D2000
|
heap
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
94A000
|
heap
|
page read and write
|
||
|
9A2000
|
heap
|
page read and write
|
||
|
9E7000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
22620000
|
direct allocation
|
page execute and read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
1D99E000
|
stack
|
page read and write
|
||
|
9C2000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
A0C000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
1D960000
|
remote allocation
|
page read and write
|
||
|
AF2000
|
heap
|
page read and write
|
||
|
2BA25000
|
heap
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
2286A000
|
direct allocation
|
page readonly
|
||
|
A2A000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
957000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
A07000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
968000
|
heap
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
AEF000
|
heap
|
page read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
9E7000
|
heap
|
page read and write
|
||
|
AF2000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
9E2000
|
heap
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
7A2E000
|
stack
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
96C000
|
heap
|
page read and write
|
||
|
224F5000
|
heap
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
A07000
|
heap
|
page read and write
|
||
|
97B000
|
heap
|
page read and write
|
||
|
921000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
B33000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
1D960000
|
remote allocation
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
2BB83000
|
heap
|
page read and write
|
||
|
A07000
|
heap
|
page read and write
|
||
|
A1F000
|
heap
|
page read and write
|
||
|
2940000
|
direct allocation
|
page execute and read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
9DA000
|
heap
|
page read and write
|
||
|
9071000
|
heap
|
page read and write
|
||
|
4D1000
|
remote allocation
|
page execute and read and write
|
||
|
9F9000
|
heap
|
page read and write
|
||
|
502000
|
remote allocation
|
page execute and read and write
|
||
|
22470000
|
heap
|
page read and write
|
||
|
A7D000
|
heap
|
page read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
9DA000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
2249D000
|
heap
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
4F4000
|
unkown
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
There are 439 hidden memdumps, click here to show them.