Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
K59gVXTgGv.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Google Chrome sandbox.exe.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Google Chrome sandbox.exe.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\K59gVXTgGv.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome sandbox.exe.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun
Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\K59gVXTgGv.exe
|
"C:\Users\user\Desktop\K59gVXTgGv.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"cmd" /c ping 127.0.0.1 -n 43 > nul && copy "C:\Users\user\Desktop\K59gVXTgGv.exe" "C:\Program Files (x86)\Google Chrome
sandbox.exe.exe" && ping 127.0.0.1 -n 43 > nul && "C:\Program Files (x86)\Google Chrome sandbox.exe.exe"
|
|
|
|
C:\Windows\SysWOW64\PING.EXE
|
ping 127.0.0.1 -n 43
|
|
|
|
C:\Windows\SysWOW64\PING.EXE
|
ping 127.0.0.1 -n 43
|
|
|
|
C:\Program Files (x86)\Google Chrome sandbox.exe.exe
|
"C:\Program Files (x86)\Google Chrome sandbox.exe.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.telegram.org/bot
|
unknown
|
|
|
|
194.26.192.92
|
|
||
|
http://www.google.com
|
unknown
|
||
|
https://dl.dropbox.com/s/p84aaz28t0hepul/Pass.exe?dl=0
|
unknown
|
||
|
https://raw.githubusercontent.com/LimerBoy/StormKitty/master/StormKitty/stub/packages/DotNetZip.1.13
|
unknown
|
||
|
https://api.telegram.org/file/bot
|
unknown
|
||
|
https://github.com/LimerBoy/StormKitty
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://csp.withgoogle.com/csp/gws/other-hp
|
unknown
|
||
|
https://pastebin.com/raw/7B75u64B
|
unknown
|
||
|
http://www.google.com/
|
142.250.185.164
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.google.com
|
142.250.185.164
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
142.250.185.164
|
www.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\K59gVXTgGv_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Google Chrome sandbox_RASMANCS
|
FileDirectory
|
There are 18 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3146000
|
trusted library allocation
|
page read and write
|
|
|
|
3FEA000
|
trusted library allocation
|
page read and write
|
|
|
|
3EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
2F37000
|
trusted library allocation
|
page read and write
|
|
|
|
40D5000
|
trusted library allocation
|
page read and write
|
|
|
|
2E6F000
|
trusted library allocation
|
page read and write
|
|
|
|
6900000
|
trusted library section
|
page read and write
|
|
|
|
2D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F1D000
|
trusted library allocation
|
page read and write
|
||
|
6AA0000
|
heap
|
page read and write
|
||
|
54A6000
|
trusted library allocation
|
page read and write
|
||
|
4E48000
|
trusted library allocation
|
page read and write
|
||
|
12EE000
|
stack
|
page read and write
|
||
|
329A000
|
trusted library allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
2FE7000
|
trusted library allocation
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
6B40000
|
trusted library section
|
page readonly
|
||
|
5E5F000
|
stack
|
page read and write
|
||
|
32FF000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
2C65000
|
trusted library allocation
|
page execute and read and write
|
||
|
D46000
|
heap
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
3E85000
|
trusted library allocation
|
page read and write
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
F48000
|
heap
|
page read and write
|
||
|
31EA000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
32CB000
|
trusted library allocation
|
page read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
32ED000
|
trusted library allocation
|
page read and write
|
||
|
1383000
|
trusted library allocation
|
page execute and read and write
|
||
|
E5A000
|
stack
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
2F2E000
|
trusted library allocation
|
page read and write
|
||
|
3147000
|
heap
|
page read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
32A1000
|
trusted library allocation
|
page read and write
|
||
|
2B2E000
|
trusted library allocation
|
page read and write
|
||
|
5F9F000
|
stack
|
page read and write
|
||
|
3315000
|
trusted library allocation
|
page read and write
|
||
|
32DB000
|
trusted library allocation
|
page read and write
|
||
|
10AE000
|
heap
|
page read and write
|
||
|
B30000
|
unkown
|
page execute read
|
||
|
585E000
|
stack
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
5129000
|
trusted library allocation
|
page read and write
|
||
|
7EDC000
|
heap
|
page read and write
|
||
|
68FE000
|
stack
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
1166000
|
heap
|
page read and write
|
||
|
B3B000
|
unkown
|
page execute read
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
5126000
|
trusted library allocation
|
page read and write
|
||
|
563F000
|
stack
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page read and write
|
||
|
B13000
|
unkown
|
page execute read
|
||
|
2E41000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
336B000
|
trusted library allocation
|
page read and write
|
||
|
8B0E000
|
stack
|
page read and write
|
||
|
8200000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
611E000
|
stack
|
page read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
5E9E000
|
stack
|
page read and write
|
||
|
59DF000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
7F28000
|
heap
|
page read and write
|
||
|
1157000
|
trusted library allocation
|
page read and write
|
||
|
323F000
|
trusted library allocation
|
page read and write
|
||
|
573E000
|
stack
|
page read and write
|
||
|
5C1E000
|
stack
|
page read and write
|
||
|
3308000
|
trusted library allocation
|
page read and write
|
||
|
54A1000
|
trusted library allocation
|
page read and write
|
||
|
2EEF000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
3142000
|
heap
|
page read and write
|
||
|
60DF000
|
stack
|
page read and write
|
||
|
6D81000
|
heap
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
3351000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
3313000
|
trusted library allocation
|
page read and write
|
||
|
54AD000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
58D0000
|
heap
|
page execute and read and write
|
||
|
ED3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3377000
|
trusted library allocation
|
page read and write
|
||
|
5533000
|
heap
|
page read and write
|
||
|
3247000
|
trusted library allocation
|
page read and write
|
||
|
3317000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
heap
|
page execute and read and write
|
||
|
3238000
|
trusted library allocation
|
page read and write
|
||
|
B58000
|
unkown
|
page execute read
|
||
|
3AE1000
|
trusted library allocation
|
page read and write
|
||
|
65BE000
|
stack
|
page read and write
|
||
|
2C62000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
heap
|
page read and write
|
||
|
2F22000
|
trusted library allocation
|
page read and write
|
||
|
2C56000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
A72000
|
unkown
|
page execute read
|
||
|
138D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D70000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
2E8E000
|
stack
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
3275000
|
trusted library allocation
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
B19000
|
unkown
|
page execute read
|
||
|
3357000
|
trusted library allocation
|
page read and write
|
||
|
2FEF000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
6767000
|
heap
|
page read and write
|
||
|
7F97000
|
heap
|
page read and write
|
||
|
B4C000
|
unkown
|
page execute read
|
||
|
3156000
|
heap
|
page read and write
|
||
|
7F89000
|
heap
|
page read and write
|
||
|
101B000
|
heap
|
page read and write
|
||
|
3375000
|
trusted library allocation
|
page read and write
|
||
|
10E2000
|
heap
|
page read and write
|
||
|
F02000
|
trusted library allocation
|
page read and write
|
||
|
5D5E000
|
stack
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
5D1E000
|
stack
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
845E000
|
stack
|
page read and write
|
||
|
B24000
|
unkown
|
page execute read
|
||
|
2F0B000
|
trusted library allocation
|
page read and write
|
||
|
327B000
|
trusted library allocation
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
3231000
|
trusted library allocation
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
32A8000
|
trusted library allocation
|
page read and write
|
||
|
3323000
|
trusted library allocation
|
page read and write
|
||
|
8950000
|
trusted library allocation
|
page execute and read and write
|
||
|
3289000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
7ED4000
|
heap
|
page read and write
|
||
|
316E000
|
heap
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
F56000
|
heap
|
page read and write
|
||
|
3263000
|
trusted library allocation
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
3E41000
|
trusted library allocation
|
page read and write
|
||
|
2EF5000
|
trusted library allocation
|
page read and write
|
||
|
337C000
|
trusted library allocation
|
page read and write
|
||
|
F69000
|
heap
|
page read and write
|
||
|
66C0000
|
heap
|
page read and write
|
||
|
F57000
|
stack
|
page read and write
|
||
|
2EE3000
|
trusted library allocation
|
page read and write
|
||
|
ED4000
|
trusted library allocation
|
page read and write
|
||
|
10D5000
|
heap
|
page read and write
|
||
|
2D7A000
|
trusted library allocation
|
page read and write
|
||
|
6D95000
|
heap
|
page read and write
|
||
|
2C6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
32BA000
|
trusted library allocation
|
page read and write
|
||
|
6C16000
|
trusted library allocation
|
page read and write
|
||
|
32AF000
|
trusted library allocation
|
page read and write
|
||
|
3344000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
heap
|
page read and write
|
||
|
7F16000
|
heap
|
page read and write
|
||
|
6B60000
|
heap
|
page read and write
|
||
|
F07000
|
trusted library allocation
|
page execute and read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
32EF000
|
trusted library allocation
|
page read and write
|
||
|
647D000
|
stack
|
page read and write
|
||
|
8562000
|
trusted library allocation
|
page read and write
|
||
|
EF2000
|
trusted library allocation
|
page read and write
|
||
|
5104000
|
trusted library allocation
|
page read and write
|
||
|
6C20000
|
trusted library allocation
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page read and write
|
||
|
67BD000
|
heap
|
page read and write
|
||
|
3369000
|
trusted library allocation
|
page read and write
|
||
|
89CF000
|
stack
|
page read and write
|
||
|
6AC0000
|
trusted library allocation
|
page read and write
|
||
|
B63000
|
unkown
|
page execute read
|
||
|
3367000
|
trusted library allocation
|
page read and write
|
||
|
328B000
|
trusted library allocation
|
page read and write
|
||
|
8B4E000
|
stack
|
page read and write
|
||
|
7E60000
|
heap
|
page read and write
|
||
|
2D2C000
|
heap
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page read and write
|
||
|
2C52000
|
trusted library allocation
|
page read and write
|
||
|
3359000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
330000
|
unkown
|
page readonly
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
5FDE000
|
stack
|
page read and write
|
||
|
6D7D000
|
heap
|
page read and write
|
||
|
2AE1000
|
trusted library allocation
|
page read and write
|
||
|
7F13000
|
heap
|
page read and write
|
||
|
58C0000
|
trusted library allocation
|
page read and write
|
||
|
67FE000
|
stack
|
page read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
322F000
|
trusted library allocation
|
page read and write
|
||
|
2EFA000
|
trusted library allocation
|
page read and write
|
||
|
3348000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
2ACB000
|
trusted library allocation
|
page read and write
|
||
|
553F000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
5E70000
|
trusted library allocation
|
page read and write
|
||
|
6C55000
|
heap
|
page read and write
|
||
|
6742000
|
heap
|
page read and write
|
||
|
577E000
|
stack
|
page read and write
|
||
|
2C67000
|
trusted library allocation
|
page execute and read and write
|
||
|
F0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E49000
|
trusted library allocation
|
page read and write
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
2C5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5ADF000
|
stack
|
page read and write
|
||
|
5135000
|
trusted library allocation
|
page read and write
|
||
|
B2A000
|
unkown
|
page execute read
|
||
|
2FDC000
|
trusted library allocation
|
page read and write
|
||
|
8A0E000
|
stack
|
page read and write
|
||
|
6C30000
|
heap
|
page read and write
|
||
|
2F28000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
5114000
|
trusted library allocation
|
page read and write
|
||
|
2AC9000
|
trusted library allocation
|
page read and write
|
||
|
EDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
3AE7000
|
trusted library allocation
|
page read and write
|
||
|
29FD000
|
stack
|
page read and write
|
||
|
67B8000
|
heap
|
page read and write
|
||
|
10AA000
|
heap
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page read and write
|
||
|
841E000
|
stack
|
page read and write
|
||
|
8940000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
334F000
|
trusted library allocation
|
page read and write
|
||
|
525D000
|
stack
|
page read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
32A3000
|
trusted library allocation
|
page read and write
|
||
|
3166000
|
heap
|
page read and write
|
||
|
B52000
|
unkown
|
page execute read
|
||
|
431000
|
unkown
|
page execute read
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
589D000
|
stack
|
page read and write
|
||
|
B41000
|
unkown
|
page execute read
|
||
|
3365000
|
trusted library allocation
|
page read and write
|
||
|
8160000
|
trusted library allocation
|
page read and write
|
||
|
831E000
|
stack
|
page read and write
|
||
|
657E000
|
stack
|
page read and write
|
||
|
F2E000
|
heap
|
page read and write
|
||
|
8C4E000
|
stack
|
page read and write
|
||
|
5E78000
|
trusted library allocation
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
5484000
|
trusted library allocation
|
page read and write
|
||
|
529D000
|
stack
|
page read and write
|
||
|
82DE000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
7F85000
|
heap
|
page read and write
|
||
|
3258000
|
trusted library allocation
|
page read and write
|
||
|
32CD000
|
trusted library allocation
|
page read and write
|
||
|
3335000
|
trusted library allocation
|
page read and write
|
||
|
2FED000
|
trusted library allocation
|
page read and write
|
||
|
2D0B000
|
stack
|
page read and write
|
||
|
EFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
549E000
|
trusted library allocation
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
54C9000
|
trusted library allocation
|
page read and write
|
||
|
6980000
|
trusted library allocation
|
page execute and read and write
|
||
|
302F000
|
stack
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
2EE9000
|
trusted library allocation
|
page read and write
|
||
|
3333000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
7F60000
|
heap
|
page read and write
|
||
|
89B000
|
stack
|
page read and write
|
||
|
4AE8000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
149F000
|
stack
|
page read and write
|
||
|
A72000
|
unkown
|
page execute read
|
||
|
2B0F000
|
trusted library allocation
|
page read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
3145000
|
heap
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
66C8000
|
heap
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
3261000
|
trusted library allocation
|
page read and write
|
||
|
B47000
|
unkown
|
page execute read
|
||
|
4FDC000
|
stack
|
page read and write
|
||
|
6B50000
|
heap
|
page read and write
|
||
|
32FD000
|
trusted library allocation
|
page read and write
|
||
|
3132000
|
trusted library allocation
|
page read and write
|
||
|
66BE000
|
stack
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
F64000
|
heap
|
page read and write
|
||
|
32B1000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
2E40000
|
direct allocation
|
page read and write
|
||
|
2FE5000
|
trusted library allocation
|
page read and write
|
||
|
2F17000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
829D000
|
stack
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page execute and read and write
|
||
|
66F1000
|
heap
|
page read and write
|
||
|
331F000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
heap
|
page execute and read and write
|
||
|
1384000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page execute and read and write
|
||
|
B72000
|
unkown
|
page readonly
|
||
|
312C000
|
heap
|
page read and write
|
||
|
999000
|
stack
|
page read and write
|
||
|
B39000
|
unkown
|
page execute read
|
||
|
6B3B000
|
stack
|
page read and write
|
||
|
621E000
|
stack
|
page read and write
|
||
|
EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DA7000
|
heap
|
page read and write
|
||
|
6BF0000
|
heap
|
page read and write
|
||
|
3353000
|
trusted library allocation
|
page read and write
|
||
|
6D60000
|
heap
|
page read and write
|
There are 332 hidden memdumps, click here to show them.