Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
vsl particulars packing list.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_vsl particulars _2a3097b0749cea7c749879686258262f8513b925_f9752cab_9d15ffbb-87c8-4af6-92e9-4ee19c6455a3\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9CA2.tmp.dmp
|
Mini DuMP crash report, 16 streams, Sun Jun 30 15:43:58 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA03D.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA05D.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\vsl particulars packing list.exe
|
"C:\Users\user\Desktop\vsl particulars packing list.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"
|
|
|
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 4888 -s 1052
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.96.3
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.96.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
132.226.247.73
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
ProgramId
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
FileId
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
LongPathHash
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
Name
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
OriginalFileName
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
Publisher
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
Version
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
BinFileVersion
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
BinaryType
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
ProductName
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
ProductVersion
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
LinkDate
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
BinProductVersion
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
Size
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
Language
|
||
|
\REGISTRY\A\{3d01bad2-7c38-e1f3-7197-f7eb4c10c13e}\Root\InventoryApplicationFile\vsl particulars |fa43ec56d4c1599b
|
Usn
|
There are 23 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1CD58427000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
32A1000
|
trusted library allocation
|
page read and write
|
|
|
|
3470000
|
trusted library allocation
|
page read and write
|
|
|
|
1CD68577000
|
trusted library allocation
|
page read and write
|
|
|
|
33EA000
|
trusted library allocation
|
page read and write
|
||
|
3368000
|
trusted library allocation
|
page read and write
|
||
|
2D7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
1CD56924000
|
heap
|
page read and write
|
||
|
2D74000
|
trusted library allocation
|
page read and write
|
||
|
1CD568D1000
|
heap
|
page read and write
|
||
|
5A78000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
6A43000
|
trusted library allocation
|
page read and write
|
||
|
33E6000
|
trusted library allocation
|
page read and write
|
||
|
C0867FE000
|
stack
|
page read and write
|
||
|
3462000
|
trusted library allocation
|
page read and write
|
||
|
144E000
|
stack
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
4332000
|
trusted library allocation
|
page read and write
|
||
|
1CD56840000
|
heap
|
page read and write
|
||
|
6A4A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E50000
|
heap
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
6A70000
|
trusted library allocation
|
page read and write
|
||
|
1CD683F7000
|
trusted library allocation
|
page read and write
|
||
|
1CD56AA0000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
1CD56AF0000
|
heap
|
page read and write
|
||
|
154F000
|
stack
|
page read and write
|
||
|
2DA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CD56AD3000
|
trusted library allocation
|
page read and write
|
||
|
672E000
|
stack
|
page read and write
|
||
|
12D8000
|
heap
|
page read and write
|
||
|
33FE000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
1CD583F1000
|
trusted library allocation
|
page read and write
|
||
|
1CD567A0000
|
unkown
|
page readonly
|
||
|
33AD000
|
trusted library allocation
|
page read and write
|
||
|
3358000
|
trusted library allocation
|
page read and write
|
||
|
54FD000
|
trusted library allocation
|
page read and write
|
||
|
2DA2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CD567A2000
|
unkown
|
page readonly
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
692E000
|
stack
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
1CD56920000
|
heap
|
page read and write
|
||
|
65B0000
|
heap
|
page read and write
|
||
|
686F000
|
stack
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
5A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
33A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D96000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
C0864FE000
|
stack
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
1CD56B25000
|
heap
|
page read and write
|
||
|
3426000
|
trusted library allocation
|
page read and write
|
||
|
2D73000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CD56988000
|
heap
|
page read and write
|
||
|
6AE0000
|
trusted library allocation
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
C0865FE000
|
stack
|
page read and write
|
||
|
34F3000
|
trusted library allocation
|
page read and write
|
||
|
54F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6A000
|
stack
|
page read and write
|
||
|
1CD5840C000
|
trusted library allocation
|
page read and write
|
||
|
6A2E000
|
stack
|
page read and write
|
||
|
54C3000
|
heap
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
34E9000
|
trusted library allocation
|
page read and write
|
||
|
537E000
|
stack
|
page read and write
|
||
|
557D000
|
stack
|
page read and write
|
||
|
5A7B000
|
trusted library allocation
|
page read and write
|
||
|
1218000
|
heap
|
page read and write
|
||
|
1CD683F1000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
2D9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
660E000
|
heap
|
page read and write
|
||
|
5A76000
|
trusted library allocation
|
page read and write
|
||
|
3535000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B924000
|
trusted library allocation
|
page read and write
|
||
|
34E3000
|
trusted library allocation
|
page read and write
|
||
|
1CD56B20000
|
heap
|
page read and write
|
||
|
7FFD9B95D000
|
trusted library allocation
|
page read and write
|
||
|
1CD568B0000
|
heap
|
page read and write
|
||
|
54D6000
|
trusted library allocation
|
page read and write
|
||
|
68EE000
|
stack
|
page read and write
|
||
|
42C9000
|
trusted library allocation
|
page read and write
|
||
|
1CD5871D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
6A80000
|
trusted library allocation
|
page read and write
|
||
|
68AE000
|
stack
|
page read and write
|
||
|
33F2000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1305000
|
heap
|
page read and write
|
||
|
1CD568F1000
|
heap
|
page read and write
|
||
|
336A000
|
trusted library allocation
|
page read and write
|
||
|
33A9000
|
trusted library allocation
|
page read and write
|
||
|
1CD56B60000
|
heap
|
page execute and read and write
|
||
|
430A000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
3355000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
heap
|
page read and write
|
||
|
54DB000
|
trusted library allocation
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
54EA000
|
trusted library allocation
|
page read and write
|
||
|
6A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
6618000
|
heap
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
34DE000
|
trusted library allocation
|
page read and write
|
||
|
64AE000
|
stack
|
page read and write
|
||
|
334D000
|
trusted library allocation
|
page read and write
|
||
|
2DAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3419000
|
trusted library allocation
|
page read and write
|
||
|
1CD568DD000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
353B000
|
trusted library allocation
|
page read and write
|
||
|
2D8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D92000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
33E2000
|
trusted library allocation
|
page read and write
|
||
|
1CD56AD0000
|
trusted library allocation
|
page read and write
|
||
|
4325000
|
trusted library allocation
|
page read and write
|
||
|
7FF4D2590000
|
trusted library allocation
|
page execute and read and write
|
||
|
C0868FF000
|
stack
|
page read and write
|
||
|
C0863FE000
|
stack
|
page read and write
|
||
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
||
|
34FC000
|
trusted library allocation
|
page read and write
|
||
|
433B000
|
trusted library allocation
|
page read and write
|
||
|
1CD568BC000
|
heap
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
trusted library allocation
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
598E000
|
stack
|
page read and write
|
||
|
42A1000
|
trusted library allocation
|
page read and write
|
||
|
54F6000
|
trusted library allocation
|
page read and write
|
||
|
DA5000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
33FA000
|
trusted library allocation
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
6A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B929000
|
trusted library allocation
|
page read and write
|
||
|
6B10000
|
heap
|
page read and write
|
||
|
124E000
|
heap
|
page read and write
|
||
|
3505000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
trusted library allocation
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
C0862FE000
|
stack
|
page read and write
|
||
|
6A4F000
|
trusted library allocation
|
page read and write
|
||
|
1CD56C45000
|
heap
|
page read and write
|
||
|
676E000
|
stack
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
66ED000
|
stack
|
page read and write
|
||
|
3501000
|
trusted library allocation
|
page read and write
|
||
|
1CD56880000
|
heap
|
page read and write
|
||
|
1CD568DF000
|
heap
|
page read and write
|
||
|
1CD70420000
|
trusted library allocation
|
page read and write
|
||
|
1CD70C30000
|
heap
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
54B0000
|
heap
|
page execute and read and write
|
||
|
33F6000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
trusted library allocation
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
||
|
3398000
|
trusted library allocation
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
33EE000
|
trusted library allocation
|
page read and write
|
||
|
6A40000
|
trusted library allocation
|
page read and write
|
||
|
1CD56986000
|
heap
|
page read and write
|
||
|
1CD56C40000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
432F000
|
trusted library allocation
|
page read and write
|
||
|
3454000
|
trusted library allocation
|
page read and write
|
||
|
1CD56BC0000
|
trusted library section
|
page read and write
|
||
|
33A5000
|
trusted library allocation
|
page read and write
|
||
|
5A6E000
|
trusted library allocation
|
page read and write
|
||
|
1CD56BB0000
|
heap
|
page execute and read and write
|
||
|
3530000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
1CD5691E000
|
heap
|
page read and write
|
||
|
1CD56AC0000
|
trusted library allocation
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
340B000
|
trusted library allocation
|
page read and write
|
||
|
1CD568F3000
|
heap
|
page read and write
|
||
|
3529000
|
trusted library allocation
|
page read and write
|
||
|
54EE000
|
trusted library allocation
|
page read and write
|
||
|
1CD56830000
|
heap
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
C0866FD000
|
stack
|
page read and write
|
||
|
1CD56AF9000
|
heap
|
page read and write
|
||
|
3383000
|
trusted library allocation
|
page read and write
|
||
|
C0869FE000
|
stack
|
page read and write
|
||
|
C085F53000
|
stack
|
page read and write
|
||
|
1CD56B30000
|
heap
|
page read and write
|
||
|
5502000
|
trusted library allocation
|
page read and write
|
||
|
54DE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
65AF000
|
stack
|
page read and write
|
||
|
1CD56860000
|
heap
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
6B30000
|
heap
|
page read and write
|
||
|
C086AFE000
|
stack
|
page read and write
|
There are 216 hidden memdumps, click here to show them.