Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Order Details.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Order Details.ex_9715ab41e2aa1b5a6cab55974f5a7035c329fd_101e8af1_6d7596c0-b8b6-416a-be38-884cb1d59bf7\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB9AC.tmp.dmp
|
Mini DuMP crash report, 16 streams, Sun Jun 30 15:14:54 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBCF9.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBD28.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Order Details.exe
|
"C:\Users\user\Desktop\Order Details.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe"
|
|
|
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6836 -s 1020
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
132.226.247.73
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\regsvcs_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
ProgramId
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
FileId
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
LongPathHash
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
Name
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
OriginalFileName
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
Publisher
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
Version
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
BinFileVersion
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
BinaryType
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
ProductName
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
ProductVersion
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
LinkDate
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
BinProductVersion
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
Size
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
Language
|
||
|
\REGISTRY\A\{7d3f8eff-f835-e156-3838-e408326af840}\Root\InventoryApplicationFile\order details.ex|76f5dabee7dfec50
|
Usn
|
There are 23 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3001000
|
trusted library allocation
|
page read and write
|
|
|
|
25690127000
|
trusted library allocation
|
page read and write
|
|
|
|
31CC000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
25680037000
|
trusted library allocation
|
page read and write
|
|
|
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
256EEF66000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
256EEF0D000
|
heap
|
page read and write
|
||
|
7FFD9B96D000
|
trusted library allocation
|
page read and write
|
||
|
3234000
|
trusted library allocation
|
page read and write
|
||
|
148A000
|
heap
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
137A000
|
trusted library allocation
|
page execute and read and write
|
||
|
256EF0B0000
|
trusted library allocation
|
page read and write
|
||
|
256EEF1A000
|
heap
|
page read and write
|
||
|
5633000
|
heap
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3146000
|
trusted library allocation
|
page read and write
|
||
|
256EF070000
|
heap
|
page read and write
|
||
|
3291000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
30B1000
|
trusted library allocation
|
page read and write
|
||
|
30C4000
|
trusted library allocation
|
page read and write
|
||
|
30A9000
|
trusted library allocation
|
page read and write
|
||
|
256EEE70000
|
heap
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
136D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B934000
|
trusted library allocation
|
page read and write
|
||
|
675E000
|
stack
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
315A000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
256902FB000
|
trusted library allocation
|
page read and write
|
||
|
256EF0D0000
|
trusted library allocation
|
page read and write
|
||
|
6687000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
1376000
|
trusted library allocation
|
page execute and read and write
|
||
|
4001000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
6AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
256EEF10000
|
heap
|
page read and write
|
||
|
845A0FF000
|
stack
|
page read and write
|
||
|
6AAE000
|
trusted library allocation
|
page read and write
|
||
|
5526000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B939000
|
trusted library allocation
|
page read and write
|
||
|
6ADA000
|
trusted library allocation
|
page read and write
|
||
|
66A3000
|
heap
|
page read and write
|
||
|
31AB000
|
trusted library allocation
|
page read and write
|
||
|
8459DFC000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
256F0940000
|
trusted library section
|
page read and write
|
||
|
695E000
|
stack
|
page read and write
|
||
|
8459EFF000
|
stack
|
page read and write
|
||
|
30FD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page execute and read and write
|
||
|
1468000
|
heap
|
page read and write
|
||
|
25680001000
|
trusted library allocation
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
4029000
|
trusted library allocation
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
30B4000
|
trusted library allocation
|
page read and write
|
||
|
7FF4FAB00000
|
trusted library allocation
|
page execute and read and write
|
||
|
552B000
|
trusted library allocation
|
page read and write
|
||
|
4098000
|
trusted library allocation
|
page read and write
|
||
|
256F0A40000
|
heap
|
page execute and read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
5546000
|
trusted library allocation
|
page read and write
|
||
|
175E000
|
stack
|
page read and write
|
||
|
84598F3000
|
stack
|
page read and write
|
||
|
256EF325000
|
heap
|
page read and write
|
||
|
256EF320000
|
heap
|
page read and write
|
||
|
3286000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
256EEF60000
|
heap
|
page read and write
|
||
|
256EEECB000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
1354000
|
trusted library allocation
|
page read and write
|
||
|
845A1FD000
|
stack
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
327F000
|
trusted library allocation
|
page read and write
|
||
|
8459AFE000
|
stack
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
3249000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
6B00000
|
trusted library allocation
|
page read and write
|
||
|
256EF135000
|
heap
|
page read and write
|
||
|
256EF0F0000
|
heap
|
page execute and read and write
|
||
|
30AC000
|
trusted library allocation
|
page read and write
|
||
|
6AB8000
|
trusted library allocation
|
page read and write
|
||
|
256EEE50000
|
heap
|
page read and write
|
||
|
3156000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
408C000
|
trusted library allocation
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
328B000
|
trusted library allocation
|
page read and write
|
||
|
31AF000
|
trusted library allocation
|
page read and write
|
||
|
408F000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
256EEDB2000
|
unkown
|
page readonly
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page read and write
|
||
|
3101000
|
trusted library allocation
|
page read and write
|
||
|
256EEEA0000
|
heap
|
page read and write
|
||
|
1137000
|
stack
|
page read and write
|
||
|
84599FE000
|
stack
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
8459CFE000
|
stack
|
page read and write
|
||
|
103A000
|
stack
|
page read and write
|
||
|
256EEE40000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page execute and read and write
|
||
|
256EEDB0000
|
unkown
|
page readonly
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
651E000
|
stack
|
page read and write
|
||
|
256F1250000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
256EEF15000
|
heap
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
6620000
|
heap
|
page read and write
|
||
|
2568001C000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
3257000
|
trusted library allocation
|
page read and write
|
||
|
5552000
|
trusted library allocation
|
page read and write
|
||
|
5BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1315000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
6ADF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
3167000
|
trusted library allocation
|
page read and write
|
||
|
25690001000
|
trusted library allocation
|
page read and write
|
||
|
256EEEAC000
|
heap
|
page read and write
|
||
|
256EF130000
|
heap
|
page read and write
|
||
|
25690007000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
6AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
699E000
|
stack
|
page read and write
|
||
|
3182000
|
trusted library allocation
|
page read and write
|
||
|
3109000
|
trusted library allocation
|
page read and write
|
||
|
6AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30C6000
|
trusted library allocation
|
page read and write
|
||
|
323F000
|
trusted library allocation
|
page read and write
|
||
|
135D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AD0000
|
trusted library allocation
|
page read and write
|
||
|
6A9F000
|
stack
|
page read and write
|
||
|
1498000
|
heap
|
page read and write
|
||
|
8459FFE000
|
stack
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
31BE000
|
trusted library allocation
|
page read and write
|
||
|
6B70000
|
trusted library allocation
|
page read and write
|
||
|
1385000
|
trusted library allocation
|
page execute and read and write
|
||
|
313E000
|
trusted library allocation
|
page read and write
|
||
|
6AD3000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
heap
|
page execute and read and write
|
||
|
165F000
|
stack
|
page read and write
|
||
|
3152000
|
trusted library allocation
|
page read and write
|
||
|
4068000
|
trusted library allocation
|
page read and write
|
||
|
256EF0E3000
|
trusted library allocation
|
page read and write
|
||
|
554D000
|
trusted library allocation
|
page read and write
|
||
|
68DE000
|
stack
|
page read and write
|
||
|
3239000
|
trusted library allocation
|
page read and write
|
||
|
3174000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BA0000
|
heap
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
552E000
|
trusted library allocation
|
page read and write
|
||
|
8459BFE000
|
stack
|
page read and write
|
||
|
4082000
|
trusted library allocation
|
page read and write
|
||
|
147E000
|
heap
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
3105000
|
trusted library allocation
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
67DE000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
256EEF8D000
|
heap
|
page read and write
|
||
|
256EEEE5000
|
heap
|
page read and write
|
||
|
154A000
|
heap
|
page read and write
|
||
|
3252000
|
trusted library allocation
|
page read and write
|
||
|
661F000
|
stack
|
page read and write
|
||
|
256EEEA6000
|
heap
|
page read and write
|
||
|
5541000
|
trusted library allocation
|
page read and write
|
||
|
6BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
256EEEE3000
|
heap
|
page read and write
|
||
|
314E000
|
trusted library allocation
|
page read and write
|
||
|
553E000
|
trusted library allocation
|
page read and write
|
||
|
7050000
|
heap
|
page read and write
|
||
|
1387000
|
trusted library allocation
|
page execute and read and write
|
||
|
30DF000
|
trusted library allocation
|
page read and write
|
||
|
256F0A70000
|
heap
|
page read and write
|
||
|
6AB6000
|
trusted library allocation
|
page read and write
|
||
|
553A000
|
trusted library allocation
|
page read and write
|
||
|
325B000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
1372000
|
trusted library allocation
|
page read and write
|
||
|
30F4000
|
trusted library allocation
|
page read and write
|
||
|
1382000
|
trusted library allocation
|
page read and write
|
||
|
1353000
|
trusted library allocation
|
page execute and read and write
|
||
|
256F0AB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
314A000
|
trusted library allocation
|
page read and write
|
||
|
6ABB000
|
trusted library allocation
|
page read and write
|
||
|
256EF0E0000
|
trusted library allocation
|
page read and write
|
||
|
138B000
|
trusted library allocation
|
page execute and read and write
|
There are 217 hidden memdumps, click here to show them.