Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
S8co1ACRdn.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\katAE61.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\AFHDAEGHDGDB\AAEBAK
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\AFHDAEGHDGDB\BGDHDA
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\ProgramData\AFHDAEGHDGDB\DHDAKF
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\AFHDAEGHDGDB\EBFBFB
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
modified
|
||
|
C:\ProgramData\AFHDAEGHDGDB\GCBKEC
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\AFHDAEGHDGDB\GHCAAA
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\AFHDAEGHDGDB\HDBKJE
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\ProgramData\AFHDAEGHDGDB\HDGIEB
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\sqlt[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\S8co1ACRdn.exe
|
"C:\Users\user\Desktop\S8co1ACRdn.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\katAE61.tmp
|
C:\Users\user\AppData\Local\Temp\katAE61.tmp
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://t.me/
|
unknown
|
|
|
|
https://steamcommunity.com/profiles/76561199707802586
|
|
||
|
https://t.me/g067n
|
149.154.167.99
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://195.201.251.214:9000/vcruntime140.dllser
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/Nhttp://www.borland.com/namespaces/Types
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dll
|
unknown
|
||
|
https://195.201.251.214:9000/nss3.dll
|
unknown
|
||
|
https://web.telegram.org
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199707802586hellosqlt.dllsqlite3.dll
|
unknown
|
||
|
https://195.201.251.214:9000/
|
unknown
|
||
|
https://195.201.251.214:9000/X/
|
unknown
|
||
|
https://195.201.251.214:9000/softokn3.dll7
|
unknown
|
||
|
https://195.201.251.214:9000/l
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dllge
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://195.201.251.214:9000/Mac
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dlllt
|
unknown
|
||
|
https://195.201.251.214:9000/9T
|
unknown
|
||
|
http://ctldl.windowsC
|
unknown
|
||
|
https://195.201.251.214:9000040gle
|
unknown
|
||
|
https://t.me/K3b
|
unknown
|
||
|
https://195.201.251.214:9000/nss3.dll8
|
unknown
|
||
|
https://195.201.251.214:9000/q
|
unknown
|
||
|
http://ctldl.windows
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesm
|
unknown
|
||
|
http://www.borland.com/namespaces/Types
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dlldge
|
unknown
|
||
|
https://195.201.251.214:9000/$
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/_non
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dlle
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dllffsets
|
unknown
|
||
|
http://www.microsoft.cO
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dll
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dllw
|
unknown
|
||
|
https://195.201.251.214:9000ng
|
unknown
|
||
|
https://195.201.251.214:9000/softokn3.dll
|
unknown
|
||
|
https://t.me/g067nry1neMozilla/5.0
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://195.201.251.214:9000/40rosoft
|
unknown
|
||
|
https://195.201.251.214:9000/Microsoft
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dll
|
unknown
|
||
|
https://195.201.251.214:9000/softokn3.dllge
|
unknown
|
||
|
https://195.201.251.214:9000/:900014:9000/freebl3.dll
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dlldge
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://rpi.net.au/~ajohnson/resourcehacker
|
unknown
|
||
|
https://195.201.251.214:9000/vcruntime140.dllrv:129.0)
|
unknown
|
||
|
https://195.201.251.214:9000/softokn3.dllo
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://t.me/g067nI
|
unknown
|
||
|
http://www.borland.com/namespaces/TypesX8
|
unknown
|
||
|
https://195.201.251.214/$)l
|
unknown
|
||
|
https://195.201.251.214:9000/nss3.dllt
|
unknown
|
||
|
https://195.201.251.214:9000/TT
|
unknown
|
||
|
https://195.201.251.214:9000/0
|
unknown
|
||
|
https://195.201.251.214:9000/vcruntime140.dll
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://195.201.251.214:9000/date_1
|
unknown
|
||
|
https://195.201.251.214:9000/d
|
unknown
|
||
|
https://195.201.251.214:9000/c
|
unknown
|
||
|
https://195.201.251.214/
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dll.15;
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesmmon-c
|
unknown
|
||
|
https://195.201.251.214:9000
|
unknown
|
||
|
http://www.borland.com/namespaces/Typesc0da53
|
unknown
|
||
|
https://195.201.251.214:9000/vcruntime140.dll_
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://195.201.251.214:9000/sqlt.dll
|
unknown
|
||
|
https://195.201.251.214:9000ontent-Disposition:
|
unknown
|
There are 63 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
t.me
|
149.154.167.99
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.99
|
t.me
|
United Kingdom
|
|
|
|
195.201.251.214
|
unknown
|
Germany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
23C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
4200000
|
direct allocation
|
page read and write
|
|
|
|
2BB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
2CBB000
|
direct allocation
|
page execute and read and write
|
|
|
|
8F51000
|
heap
|
page read and write
|
||
|
800000
|
direct allocation
|
page execute and read and write
|
||
|
4AF000
|
unkown
|
page write copy
|
||
|
878000
|
heap
|
page read and write
|
||
|
4B1000
|
remote allocation
|
page execute and read and write
|
||
|
7BF000
|
heap
|
page read and write
|
||
|
8E7000
|
heap
|
page read and write
|
||
|
4DD000
|
remote allocation
|
page execute and read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
53F7000
|
heap
|
page read and write
|
||
|
8F55000
|
heap
|
page read and write
|
||
|
8C3000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
296AB000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
8D2000
|
heap
|
page read and write
|
||
|
2AA0000
|
direct allocation
|
page execute and read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
502000
|
remote allocation
|
page execute and read and write
|
||
|
8C5000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
970000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
891000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
1430E000
|
stack
|
page read and write
|
||
|
8EB000
|
heap
|
page read and write
|
||
|
4A6000
|
remote allocation
|
page execute and read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
89D000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
932000
|
heap
|
page read and write
|
||
|
8F60000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
892000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
227A8000
|
direct allocation
|
page execute read
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
425000
|
remote allocation
|
page execute and read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
83B000
|
heap
|
page read and write
|
||
|
11D4F000
|
stack
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
226A0000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
4F1000
|
unkown
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
224AD000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
50E000
|
remote allocation
|
page execute and read and write
|
||
|
224F5000
|
heap
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
8F2000
|
heap
|
page read and write
|
||
|
893000
|
heap
|
page read and write
|
||
|
1B37D000
|
stack
|
page read and write
|
||
|
229E2000
|
direct allocation
|
page read and write
|
||
|
229EF000
|
direct allocation
|
page readonly
|
||
|
894000
|
heap
|
page read and write
|
||
|
949000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
8A1000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
4F4000
|
unkown
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
8E9000
|
heap
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
88B000
|
heap
|
page read and write
|
||
|
8C3000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
8D6000
|
heap
|
page read and write
|
||
|
949000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
4F1000
|
unkown
|
page write copy
|
||
|
8A4000
|
heap
|
page read and write
|
||
|
87B000
|
heap
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
99E000
|
heap
|
page read and write
|
||
|
225CC000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
22480000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
641000
|
remote allocation
|
page execute and read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
26F4C000
|
stack
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
886000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
8C1000
|
heap
|
page read and write
|
||
|
4B4000
|
unkown
|
page readonly
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
8B4000
|
heap
|
page read and write
|
||
|
4D1000
|
remote allocation
|
page execute and read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
227A0000
|
direct allocation
|
page execute and read and write
|
||
|
84B000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
168AE000
|
stack
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
43F000
|
remote allocation
|
page execute and read and write
|
||
|
8C9000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
85D000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
88B000
|
heap
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
85C000
|
heap
|
page read and write
|
||
|
87A000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
8E1000
|
heap
|
page read and write
|
||
|
887000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
932000
|
heap
|
page read and write
|
||
|
8AC000
|
heap
|
page read and write
|
||
|
539000
|
remote allocation
|
page execute and read and write
|
||
|
8A1000
|
heap
|
page read and write
|
||
|
867000
|
heap
|
page read and write
|
||
|
7F8000
|
heap
|
page read and write
|
||
|
8F70000
|
heap
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
1D960000
|
remote allocation
|
page read and write
|
||
|
8D1000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
1B3BE000
|
stack
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
4A9000
|
remote allocation
|
page execute and read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
8D2000
|
heap
|
page read and write
|
||
|
9050000
|
unclassified section
|
page read and write
|
||
|
9D1000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
22470000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
862000
|
heap
|
page read and write
|
||
|
7CC000
|
heap
|
page read and write
|
||
|
1D99E000
|
stack
|
page read and write
|
||
|
1FF2E000
|
stack
|
page read and write
|
||
|
8A2000
|
heap
|
page read and write
|
||
|
11D8E000
|
stack
|
page read and write
|
||
|
9D1000
|
heap
|
page read and write
|
||
|
827000
|
heap
|
page read and write
|
||
|
F80E000
|
stack
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
29604000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
8D6000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
801000
|
heap
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
296AD000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
8E1000
|
heap
|
page read and write
|
||
|
85C000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
8A1000
|
heap
|
page read and write
|
||
|
892000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
88B000
|
heap
|
page read and write
|
||
|
8F50000
|
heap
|
page read and write
|
||
|
876000
|
heap
|
page read and write
|
||
|
2246E000
|
stack
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
7DB000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
82C000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
9CB000
|
heap
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
5C8000
|
remote allocation
|
page execute and read and write
|
||
|
891000
|
heap
|
page read and write
|
||
|
8E2000
|
heap
|
page read and write
|
||
|
2248C000
|
heap
|
page read and write
|
||
|
867000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
4443000
|
direct allocation
|
page read and write
|
||
|
7D6000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
8A1000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
839000
|
heap
|
page read and write
|
||
|
99E000
|
heap
|
page read and write
|
||
|
8E1000
|
heap
|
page read and write
|
||
|
142CF000
|
stack
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
229ED000
|
direct allocation
|
page readonly
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
8F55000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
887000
|
heap
|
page read and write
|
||
|
18DEF000
|
stack
|
page read and write
|
||
|
871000
|
heap
|
page read and write
|
||
|
4F5000
|
unkown
|
page write copy
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
295E6000
|
heap
|
page read and write
|
||
|
53FE000
|
heap
|
page read and write
|
||
|
7EB000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
88B000
|
heap
|
page read and write
|
||
|
8B3000
|
heap
|
page read and write
|
||
|
99E000
|
heap
|
page read and write
|
||
|
F7B0000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
86B000
|
heap
|
page read and write
|
||
|
2663000
|
heap
|
page read and write
|
||
|
867000
|
heap
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
88E000
|
heap
|
page read and write
|
||
|
1D8FE000
|
stack
|
page read and write
|
||
|
883000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
4FA000
|
unkown
|
page readonly
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
22607000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
99F000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
18E3E000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
82C000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
7D6000
|
heap
|
page read and write
|
||
|
8AC000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
892000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
8C7000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
52D000
|
remote allocation
|
page execute and read and write
|
||
|
824000
|
heap
|
page read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
8DB000
|
heap
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
1FEDF000
|
stack
|
page read and write
|
||
|
87C000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
229EA000
|
direct allocation
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
82A000
|
heap
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
8E1000
|
heap
|
page read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
88A000
|
heap
|
page read and write
|
||
|
229AF000
|
direct allocation
|
page readonly
|
||
|
8F9000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
88A000
|
heap
|
page read and write
|
||
|
7D9000
|
heap
|
page read and write
|
||
|
22790000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
229B8000
|
direct allocation
|
page readonly
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
1684F000
|
stack
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2949F000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
88E000
|
heap
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
8D6000
|
heap
|
page read and write
|
||
|
8DB000
|
heap
|
page read and write
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
22A01000
|
heap
|
page read and write
|
||
|
227A1000
|
direct allocation
|
page execute read
|
||
|
842000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
294A6000
|
heap
|
page read and write
|
||
|
86A000
|
heap
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
229AD000
|
direct allocation
|
page execute read
|
||
|
97000
|
stack
|
page read and write
|
||
|
889000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
8F53000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
9D1000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
88B000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
445000
|
remote allocation
|
page execute and read and write
|
||
|
2480000
|
direct allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
4AC000
|
unkown
|
page write copy
|
||
|
734000
|
heap
|
page read and write
|
||
|
8C3000
|
heap
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
1D960000
|
remote allocation
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
2249D000
|
heap
|
page read and write
|
||
|
8CA000
|
heap
|
page read and write
|
||
|
882000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
8F5F000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
B3F000
|
stack
|
page read and write
|
||
|
7FF000
|
heap
|
page read and write
|
||
|
8A1000
|
heap
|
page read and write
|
||
|
99E000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
89D000
|
heap
|
page read and write
|
||
|
9050000
|
trusted library allocation
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
8C3000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
8E2000
|
heap
|
page read and write
|
||
|
8AC000
|
heap
|
page read and write
|
||
|
8FB000
|
heap
|
page read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
83B000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
2470000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
84A000
|
heap
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
225E0000
|
trusted library allocation
|
page read and write
|
||
|
1D960000
|
remote allocation
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
22906000
|
direct allocation
|
page execute read
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
224ED000
|
heap
|
page read and write
|
||
|
88B000
|
heap
|
page read and write
|
||
|
7C2000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
896000
|
heap
|
page read and write
|
||
|
88E000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
8B6000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
9CA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8F51000
|
heap
|
page read and write
|
||
|
8A1000
|
heap
|
page read and write
|
||
|
A3F000
|
stack
|
page read and write
|
There are 466 hidden memdumps, click here to show them.