Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
vjYcExA6ou.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\vjYcExA6ou.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\JKECFCFBGDHI\AFHDAK
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\JKECFCFBGDHI\DHCAEC
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\ProgramData\JKECFCFBGDHI\EHDGCG
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
modified
|
||
|
C:\ProgramData\JKECFCFBGDHI\EHJDGC
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\JKECFCFBGDHI\FIJECA
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\JKECFCFBGDHI\HDAAAA
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\ProgramData\JKECFCFBGDHI\IDHIDB
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\sqlt[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\vjYcExA6ou.exe
|
"C:\Users\user\Desktop\vjYcExA6ou.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://t.me/
|
unknown
|
|
|
|
https://steamcommunity.com/profiles/76561199707802586
|
|
||
|
https://t.me/g067n
|
149.154.167.99
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-20455N
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://195.201.251.214:9000/vcruntime140.dllser
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dll
|
unknown
|
||
|
https://195.201.251.214:9000/nss3.dll
|
unknown
|
||
|
https://195.201.251.214:9000/y
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-7046
|
unknown
|
||
|
https://jira.int.agrd.dev/browse/AG-32263-
|
unknown
|
||
|
https://web.telegram.org
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199707802586hellosqlt.dllsqlite3.dll
|
unknown
|
||
|
https://195.201.251.214:9000/
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dllge
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-21228
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-7046Q
|
unknown
|
||
|
https://jira.int.agrd.dev/browse/AG-32263
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dll15;
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dll))%
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-20455
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-20454
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-15916
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dlldge
|
unknown
|
||
|
https://github.com/mullvad/mullvadvpn-app#readme0
|
unknown
|
||
|
https://195.201.251.214:9000/%
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://195.201.251.214:9000/freebl3.dll
|
unknown
|
||
|
https://195.201.251.214:9000ng
|
unknown
|
||
|
https://195.201.251.214:9000/softokn3.dll
|
unknown
|
||
|
https://t.me/g067ni
|
unknown
|
||
|
https://t.me/g067nry1neMozilla/5.0
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://195.201.251.214:9000/vcruntime140.dll$
|
unknown
|
||
|
https://195.201.251.214:9000/Microsoft
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dll
|
unknown
|
||
|
https://195.201.251.214/i
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dll%)
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-18203.
|
unknown
|
||
|
https://195.201.251.214:9000/softokn3.dllge
|
unknown
|
||
|
https://195.201.251.214:9000/mozglue.dlldge
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-159168
|
unknown
|
||
|
https://195.201.251.214:9000/msvcp140.dll1)
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-20454G
|
unknown
|
||
|
https://195.201.251.214:9000/nss3.dllt
|
unknown
|
||
|
https://195.201.251.214:9000/vcruntime140.dll
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://195.201.251.214:9000/f
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-7791
|
unknown
|
||
|
https://195.201.251.214:9000/nss3.dll2h
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-18203
|
unknown
|
||
|
https://195.201.251.214:9000f54txtft
|
unknown
|
||
|
https://195.201.251.214/
|
unknown
|
||
|
https://195.201.251.214:9000
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://195.201.251.214:9000/sqlt.dll
|
unknown
|
||
|
https://195.201.251.214:9000ontent-Disposition:
|
unknown
|
||
|
https://195.201.251.214:9000/Q
|
unknown
|
There are 53 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
t.me
|
149.154.167.99
|
|
|
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
56.126.166.20.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.99
|
t.me
|
United Kingdom
|
|
|
|
195.201.251.214
|
unknown
|
Germany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
43E9000
|
trusted library allocation
|
page read and write
|
|
|
|
441D000
|
trusted library allocation
|
page read and write
|
|
|
|
33CB000
|
trusted library allocation
|
page read and write
|
|
|
|
434E000
|
trusted library allocation
|
page read and write
|
|
|
|
445000
|
remote allocation
|
page execute and read and write
|
|
|
|
4382000
|
trusted library allocation
|
page read and write
|
|
|
|
932000
|
unkown
|
page readonly
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
1C1B3000
|
heap
|
page read and write
|
||
|
33A1000
|
trusted library allocation
|
page read and write
|
||
|
641000
|
remote allocation
|
page execute and read and write
|
||
|
138D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
336B000
|
trusted library allocation
|
page read and write
|
||
|
32F6000
|
trusted library allocation
|
page read and write
|
||
|
4A9000
|
remote allocation
|
page execute and read and write
|
||
|
43F000
|
remote allocation
|
page execute and read and write
|
||
|
1373000
|
trusted library allocation
|
page execute and read and write
|
||
|
1493E000
|
stack
|
page read and write
|
||
|
2221A000
|
direct allocation
|
page readonly
|
||
|
3003000
|
trusted library allocation
|
page read and write
|
||
|
33C2000
|
trusted library allocation
|
page read and write
|
||
|
D73000
|
heap
|
page read and write
|
||
|
22136000
|
direct allocation
|
page execute read
|
||
|
D59000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
139A000
|
trusted library allocation
|
page execute and read and write
|
||
|
21FD1000
|
direct allocation
|
page execute read
|
||
|
5FEE000
|
stack
|
page read and write
|
||
|
582D000
|
heap
|
page read and write
|
||
|
140C000
|
heap
|
page read and write
|
||
|
1716000
|
trusted library allocation
|
page read and write
|
||
|
2FE3000
|
trusted library allocation
|
page read and write
|
||
|
DA7000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
33C0000
|
trusted library allocation
|
page read and write
|
||
|
95C0000
|
unclassified section
|
page read and write
|
||
|
DAE000
|
heap
|
page read and write
|
||
|
32FC000
|
trusted library allocation
|
page read and write
|
||
|
1BE4C000
|
stack
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB9F000
|
stack
|
page read and write
|
||
|
1BBDD000
|
heap
|
page read and write
|
||
|
2221D000
|
direct allocation
|
page readonly
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
7E1D000
|
heap
|
page read and write
|
||
|
4281000
|
trusted library allocation
|
page read and write
|
||
|
14B1E000
|
stack
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
3369000
|
trusted library allocation
|
page read and write
|
||
|
330D000
|
trusted library allocation
|
page read and write
|
||
|
1C1D1000
|
heap
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
33C9000
|
trusted library allocation
|
page read and write
|
||
|
1BBCD000
|
heap
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
1383000
|
trusted library allocation
|
page read and write
|
||
|
5C8000
|
remote allocation
|
page execute and read and write
|
||
|
5D6E000
|
stack
|
page read and write
|
||
|
EA1000
|
heap
|
page read and write
|
||
|
D24000
|
heap
|
page read and write
|
||
|
1678000
|
trusted library allocation
|
page read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
32F2000
|
trusted library allocation
|
page read and write
|
||
|
1BF50000
|
heap
|
page read and write
|
||
|
4A6000
|
remote allocation
|
page execute and read and write
|
||
|
221DD000
|
direct allocation
|
page execute read
|
||
|
5830000
|
heap
|
page read and write
|
||
|
1BC1D000
|
heap
|
page read and write
|
||
|
161E000
|
stack
|
page read and write
|
||
|
33E7000
|
trusted library allocation
|
page read and write
|
||
|
7DF0000
|
heap
|
page read and write
|
||
|
1705C000
|
stack
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
1BCB0000
|
heap
|
page read and write
|
||
|
5B10000
|
heap
|
page read and write
|
||
|
330B000
|
trusted library allocation
|
page read and write
|
||
|
52D000
|
remote allocation
|
page execute and read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
7E10000
|
heap
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
32F4000
|
trusted library allocation
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
33BE000
|
trusted library allocation
|
page read and write
|
||
|
33BA000
|
trusted library allocation
|
page read and write
|
||
|
3318000
|
trusted library allocation
|
page read and write
|
||
|
13EA000
|
heap
|
page read and write
|
||
|
33E9000
|
trusted library allocation
|
page read and write
|
||
|
5D0F000
|
stack
|
page read and write
|
||
|
1C073000
|
heap
|
page read and write
|
||
|
3373000
|
trusted library allocation
|
page read and write
|
||
|
33B8000
|
trusted library allocation
|
page read and write
|
||
|
149AE000
|
stack
|
page read and write
|
||
|
DC9000
|
heap
|
page read and write
|
||
|
14AAF000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
333F000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
33A3000
|
trusted library allocation
|
page read and write
|
||
|
33A8000
|
trusted library allocation
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
3367000
|
trusted library allocation
|
page read and write
|
||
|
31D1000
|
trusted library allocation
|
page read and write
|
||
|
D6B000
|
heap
|
page read and write
|
||
|
33C4000
|
trusted library allocation
|
page read and write
|
||
|
502000
|
remote allocation
|
page execute and read and write
|
||
|
5E6F000
|
stack
|
page read and write
|
||
|
3375000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
3315000
|
trusted library allocation
|
page read and write
|
||
|
13AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1709E000
|
stack
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
1396000
|
trusted library allocation
|
page execute and read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
50E000
|
remote allocation
|
page execute and read and write
|
||
|
32EE000
|
trusted library allocation
|
page read and write
|
||
|
1374000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
heap
|
page execute and read and write
|
||
|
3333000
|
trusted library allocation
|
page read and write
|
||
|
3388000
|
trusted library allocation
|
page read and write
|
||
|
4DD000
|
remote allocation
|
page execute and read and write
|
||
|
1BE7C000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
22232000
|
heap
|
page read and write
|
||
|
1710000
|
trusted library allocation
|
page read and write
|
||
|
3341000
|
trusted library allocation
|
page read and write
|
||
|
13A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
643000
|
remote allocation
|
page execute and read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
D8E000
|
heap
|
page read and write
|
||
|
1965E000
|
stack
|
page read and write
|
||
|
123FD000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
3311000
|
trusted library allocation
|
page read and write
|
||
|
137D000
|
trusted library allocation
|
page execute and read and write
|
||
|
165D000
|
stack
|
page read and write
|
||
|
1C27A000
|
heap
|
page read and write
|
||
|
1BBBC000
|
heap
|
page read and write
|
||
|
1463000
|
heap
|
page read and write
|
||
|
60EE000
|
stack
|
page read and write
|
||
|
1BF6E000
|
heap
|
page read and write
|
||
|
57F0000
|
heap
|
page execute and read and write
|
||
|
13EE000
|
heap
|
page read and write
|
||
|
D38000
|
heap
|
page read and write
|
||
|
4B1000
|
remote allocation
|
page execute and read and write
|
||
|
4D1000
|
remote allocation
|
page execute and read and write
|
||
|
33C7000
|
trusted library allocation
|
page read and write
|
||
|
43B6000
|
trusted library allocation
|
page read and write
|
||
|
7E17000
|
heap
|
page read and write
|
||
|
5FAE000
|
stack
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B3C000
|
stack
|
page read and write
|
||
|
195DD000
|
stack
|
page read and write
|
||
|
2FFB000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
3393000
|
trusted library allocation
|
page read and write
|
||
|
D65000
|
heap
|
page read and write
|
||
|
3347000
|
trusted library allocation
|
page read and write
|
||
|
CA7000
|
heap
|
page read and write
|
||
|
3371000
|
trusted library allocation
|
page read and write
|
||
|
FE7D000
|
stack
|
page read and write
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
332A000
|
trusted library allocation
|
page read and write
|
||
|
21FD0000
|
direct allocation
|
page execute and read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
C68000
|
heap
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
334B000
|
trusted library allocation
|
page read and write
|
||
|
3386000
|
trusted library allocation
|
page read and write
|
||
|
FE3F000
|
stack
|
page read and write
|
||
|
33AA000
|
trusted library allocation
|
page read and write
|
||
|
7CF0000
|
heap
|
page read and write
|
||
|
537D000
|
stack
|
page read and write
|
||
|
1138000
|
stack
|
page read and write
|
||
|
338E000
|
trusted library allocation
|
page read and write
|
||
|
4289000
|
trusted library allocation
|
page read and write
|
||
|
3384000
|
trusted library allocation
|
page read and write
|
||
|
42BD000
|
trusted library allocation
|
page read and write
|
||
|
1BBB1000
|
heap
|
page read and write
|
||
|
3349000
|
trusted library allocation
|
page read and write
|
||
|
330F000
|
trusted library allocation
|
page read and write
|
||
|
C05000
|
unkown
|
page readonly
|
||
|
4348000
|
trusted library allocation
|
page read and write
|
||
|
103B000
|
stack
|
page read and write
|
||
|
333D000
|
trusted library allocation
|
page read and write
|
||
|
32FA000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
123BD000
|
stack
|
page read and write
|
||
|
2221F000
|
direct allocation
|
page readonly
|
||
|
B32000
|
stack
|
page read and write
|
||
|
59FE000
|
stack
|
page read and write
|
||
|
3281000
|
trusted library allocation
|
page read and write
|
||
|
32F8000
|
trusted library allocation
|
page read and write
|
||
|
1BD4B000
|
stack
|
page read and write
|
||
|
221DF000
|
direct allocation
|
page readonly
|
||
|
1414000
|
heap
|
page read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
5790000
|
trusted library allocation
|
page execute and read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
trusted library section
|
page read and write
|
||
|
14B9000
|
heap
|
page read and write
|
||
|
32EA000
|
trusted library allocation
|
page read and write
|
||
|
FD3E000
|
stack
|
page read and write
|
||
|
583C000
|
heap
|
page read and write
|
||
|
5835000
|
heap
|
page read and write
|
||
|
332C000
|
trusted library allocation
|
page read and write
|
||
|
1C06C000
|
heap
|
page read and write
|
||
|
33A5000
|
trusted library allocation
|
page read and write
|
||
|
CFE000
|
heap
|
page read and write
|
||
|
3005000
|
trusted library allocation
|
page read and write
|
||
|
22212000
|
direct allocation
|
page read and write
|
||
|
A3C000
|
stack
|
page read and write
|
||
|
4285000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1423000
|
heap
|
page read and write
|
||
|
1C278000
|
heap
|
page read and write
|
||
|
3250000
|
trusted library section
|
page read and write
|
||
|
336F000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
332F000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
221E8000
|
direct allocation
|
page readonly
|
||
|
21FD8000
|
direct allocation
|
page execute read
|
||
|
539000
|
remote allocation
|
page execute and read and write
|
There are 232 hidden memdumps, click here to show them.