Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
e-Payment.NET.CMS4006975815.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\JXHPwNYzysUjKo.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\e-Payment.NET.CMS4006975815.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpD623.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\JXHPwNYzysUjKo.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\JXHPwNYzysUjKo.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1djrpbgi.hmy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1oz2nbvv.jlu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5fwcc2aa.lmy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cvedl5xu.utw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kpx5lrh0.pqn.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kwbfd31x.i1b.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uk5f5a42.s0f.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xvrcatpp.g5e.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpE7F6.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\egsy\logs.dat
|
ASCII text, with CRLF, CR line terminators
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\e-Payment.NET.CMS4006975815.exe
|
"C:\Users\user\Desktop\e-Payment.NET.CMS4006975815.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\e-Payment.NET.CMS4006975815.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\JXHPwNYzysUjKo.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\JXHPwNYzysUjKo" /XML "C:\Users\user\AppData\Local\Temp\tmpD623.tmp"
|
|
|
|
C:\Users\user\Desktop\e-Payment.NET.CMS4006975815.exe
|
"C:\Users\user\Desktop\e-Payment.NET.CMS4006975815.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\JXHPwNYzysUjKo.exe
|
C:\Users\user\AppData\Roaming\JXHPwNYzysUjKo.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\JXHPwNYzysUjKo" /XML "C:\Users\user\AppData\Local\Temp\tmpE7F6.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\JXHPwNYzysUjKo.exe
|
"C:\Users\user\AppData\Roaming\JXHPwNYzysUjKo.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
62.102.148.166
|
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
62.102.148.166
|
unknown
|
Sweden
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\remcos_rpklfmytvo
|
EXEpath
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2729000
|
trusted library allocation
|
page read and write
|
|
|
|
38AA000
|
trusted library allocation
|
page read and write
|
|
|
|
2899000
|
trusted library allocation
|
page read and write
|
|
|
|
373C000
|
trusted library allocation
|
page read and write
|
|
|
|
3010000
|
heap
|
page read and write
|
|
|
|
25D0000
|
heap
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3933000
|
trusted library allocation
|
page read and write
|
||
|
818E000
|
stack
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
1365000
|
heap
|
page read and write
|
||
|
603000
|
trusted library allocation
|
page read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
5A12000
|
heap
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
5E0000
|
trusted library allocation
|
page read and write
|
||
|
5A38000
|
heap
|
page read and write
|
||
|
650000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A7E000
|
trusted library allocation
|
page read and write
|
||
|
814E000
|
stack
|
page read and write
|
||
|
FE000
|
unkown
|
page readonly
|
||
|
5A5B000
|
heap
|
page read and write
|
||
|
844E000
|
stack
|
page read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
4D93000
|
heap
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
890E000
|
stack
|
page read and write
|
||
|
40000
|
unkown
|
page readonly
|
||
|
5010000
|
heap
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
5A41000
|
heap
|
page read and write
|
||
|
7FCE000
|
stack
|
page read and write
|
||
|
13E8000
|
heap
|
page read and write
|
||
|
67E0000
|
trusted library allocation
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
26C0000
|
heap
|
page execute and read and write
|
||
|
937000
|
stack
|
page read and write
|
||
|
C43000
|
trusted library allocation
|
page execute and read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
4D47000
|
trusted library allocation
|
page read and write
|
||
|
6C71000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
311D000
|
stack
|
page read and write
|
||
|
C72000
|
trusted library allocation
|
page read and write
|
||
|
848E000
|
stack
|
page read and write
|
||
|
C60000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
848E000
|
stack
|
page read and write
|
||
|
3B38000
|
trusted library allocation
|
page read and write
|
||
|
5F4000
|
trusted library allocation
|
page read and write
|
||
|
3A1E000
|
trusted library allocation
|
page read and write
|
||
|
60D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D2B000
|
trusted library allocation
|
page read and write
|
||
|
4885000
|
trusted library allocation
|
page read and write
|
||
|
24A5000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page execute and read and write
|
||
|
2490000
|
trusted library allocation
|
page read and write
|
||
|
C7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
C30000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
4FA1000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
2454000
|
trusted library allocation
|
page read and write
|
||
|
36D9000
|
trusted library allocation
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page execute and read and write
|
||
|
23A5000
|
trusted library allocation
|
page read and write
|
||
|
810D000
|
stack
|
page read and write
|
||
|
2443000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
5F0000
|
trusted library allocation
|
page read and write
|
||
|
28AE000
|
trusted library allocation
|
page read and write
|
||
|
3B30000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
897D000
|
stack
|
page read and write
|
||
|
627000
|
trusted library allocation
|
page execute and read and write
|
||
|
8DEE000
|
stack
|
page read and write
|
||
|
4E64000
|
heap
|
page read and write
|
||
|
531D000
|
stack
|
page read and write
|
||
|
2830000
|
heap
|
page execute and read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
38AE000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page execute and read and write
|
||
|
C53000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
trusted library section
|
page read and write
|
||
|
331F000
|
stack
|
page read and write
|
||
|
668000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page read and write
|
||
|
8A4F000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
295B000
|
trusted library allocation
|
page read and write
|
||
|
247D000
|
trusted library allocation
|
page read and write
|
||
|
640000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3869000
|
trusted library allocation
|
page read and write
|
||
|
2826000
|
trusted library allocation
|
page read and write
|
||
|
4D3E000
|
trusted library allocation
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
7F8E000
|
stack
|
page read and write
|
||
|
4D6F000
|
trusted library allocation
|
page read and write
|
||
|
C9E000
|
heap
|
page read and write
|
||
|
4D24000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
295F000
|
trusted library allocation
|
page read and write
|
||
|
4B30000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
2872000
|
trusted library allocation
|
page read and write
|
||
|
300C000
|
stack
|
page read and write
|
||
|
415000
|
remote allocation
|
page execute and read and write
|
||
|
4F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
29E2000
|
trusted library allocation
|
page read and write
|
||
|
3849000
|
trusted library allocation
|
page read and write
|
||
|
894E000
|
stack
|
page read and write
|
||
|
2810000
|
trusted library allocation
|
page read and write
|
||
|
59FE000
|
stack
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
4B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
CAF000
|
stack
|
page read and write
|
||
|
2F0B000
|
heap
|
page read and write
|
||
|
610000
|
trusted library allocation
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
CD3000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
7CCE000
|
stack
|
page read and write
|
||
|
834D000
|
stack
|
page read and write
|
||
|
2820000
|
trusted library allocation
|
page read and write
|
||
|
334F000
|
stack
|
page read and write
|
||
|
5A08000
|
heap
|
page read and write
|
||
|
6FA000
|
heap
|
page read and write
|
||
|
C5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
2DBA000
|
stack
|
page read and write
|
||
|
C4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4880000
|
trusted library allocation
|
page read and write
|
||
|
5A60000
|
heap
|
page read and write
|
||
|
CD1000
|
heap
|
page read and write
|
||
|
86CE000
|
stack
|
page read and write
|
||
|
86D0000
|
heap
|
page read and write
|
||
|
16AF000
|
stack
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
49DC000
|
stack
|
page read and write
|
||
|
85CD000
|
stack
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
24D0000
|
trusted library allocation
|
page read and write
|
||
|
36F9000
|
trusted library allocation
|
page read and write
|
||
|
2420000
|
trusted library allocation
|
page read and write
|
||
|
5A3B000
|
heap
|
page read and write
|
||
|
51EE000
|
stack
|
page read and write
|
||
|
2471000
|
trusted library allocation
|
page read and write
|
||
|
2FCC000
|
stack
|
page read and write
|
||
|
2B3E000
|
unkown
|
page read and write
|
||
|
28C6000
|
trusted library allocation
|
page read and write
|
||
|
26D1000
|
trusted library allocation
|
page read and write
|
||
|
2B7F000
|
unkown
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
858E000
|
stack
|
page read and write
|
||
|
487E000
|
stack
|
page read and write
|
||
|
2A1E000
|
trusted library allocation
|
page read and write
|
||
|
2BFF000
|
stack
|
page read and write
|
||
|
5030000
|
heap
|
page execute and read and write
|
||
|
8FC000
|
stack
|
page read and write
|
||
|
C44000
|
trusted library allocation
|
page read and write
|
||
|
23AF000
|
trusted library allocation
|
page read and write
|
||
|
86CD000
|
stack
|
page read and write
|
||
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
27FC000
|
stack
|
page read and write
|
||
|
F7C000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
CB9000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
4D4D000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
834E000
|
stack
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C6B000
|
stack
|
page read and write
|
||
|
5331000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
27EE000
|
trusted library allocation
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
929000
|
stack
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E30000
|
trusted library section
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
2961000
|
trusted library allocation
|
page read and write
|
||
|
6E9E000
|
stack
|
page read and write
|
||
|
3841000
|
trusted library allocation
|
page read and write
|
||
|
4D41000
|
trusted library allocation
|
page read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
2430000
|
trusted library allocation
|
page read and write
|
||
|
8A90000
|
trusted library allocation
|
page read and write
|
||
|
2476000
|
trusted library allocation
|
page read and write
|
||
|
C77000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B00000
|
heap
|
page read and write
|
||
|
2D7D000
|
stack
|
page read and write
|
||
|
2642000
|
trusted library allocation
|
page read and write
|
||
|
31BF000
|
unkown
|
page read and write
|
||
|
2908000
|
trusted library allocation
|
page read and write
|
||
|
5F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D52000
|
trusted library allocation
|
page read and write
|
||
|
4D6D000
|
stack
|
page read and write
|
||
|
BBA000
|
heap
|
page read and write
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
37C3000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
23A0000
|
trusted library allocation
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
2482000
|
trusted library allocation
|
page read and write
|
||
|
5150000
|
heap
|
page read and write
|
||
|
BAC000
|
stack
|
page read and write
|
||
|
2640000
|
trusted library allocation
|
page read and write
|
||
|
8A7E000
|
stack
|
page read and write
|
||
|
42000
|
unkown
|
page readonly
|
||
|
882B000
|
stack
|
page read and write
|
||
|
5FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
600000
|
trusted library allocation
|
page read and write
|
||
|
25D5000
|
heap
|
page read and write
|
||
|
616000
|
trusted library allocation
|
page execute and read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
24B0000
|
trusted library allocation
|
page read and write
|
||
|
8BAC000
|
stack
|
page read and write
|
||
|
61A000
|
trusted library allocation
|
page execute and read and write
|
||
|
308A000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
2630000
|
heap
|
page execute and read and write
|
||
|
4F7000
|
stack
|
page read and write
|
||
|
6A1000
|
heap
|
page read and write
|
||
|
AB7000
|
heap
|
page read and write
|
||
|
7E8E000
|
stack
|
page read and write
|
||
|
3775000
|
trusted library allocation
|
page read and write
|
||
|
8930000
|
heap
|
page read and write
|
||
|
2965000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
trusted library allocation
|
page read and write
|
||
|
3AD7000
|
trusted library allocation
|
page read and write
|
||
|
48A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
25EB000
|
stack
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
7C8E000
|
stack
|
page read and write
|
||
|
5CC000
|
stack
|
page read and write
|
||
|
5A05000
|
heap
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
8210000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
3B91000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
85CE000
|
stack
|
page read and write
|
||
|
844F000
|
stack
|
page read and write
|
||
|
2963000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
880D000
|
stack
|
page read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
8F2E000
|
stack
|
page read and write
|
||
|
6EC000
|
heap
|
page read and write
|
||
|
5A23000
|
heap
|
page read and write
|
||
|
249F000
|
trusted library allocation
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
8ED000
|
stack
|
page read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
712000
|
heap
|
page read and write
|
||
|
2967000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
F17000
|
heap
|
page read and write
|
||
|
4D75000
|
trusted library allocation
|
page read and write
|
||
|
306E000
|
unkown
|
page read and write
|
||
|
C66000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
C62000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
trusted library section
|
page read and write
|
||
|
2959000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
C2E000
|
stack
|
page read and write
|
||
|
7F750000
|
trusted library allocation
|
page execute and read and write
|
||
|
D59000
|
heap
|
page read and write
|
||
|
4E8A000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
8E2E000
|
stack
|
page read and write
|
||
|
4E02000
|
trusted library allocation
|
page read and write
|
||
|
C6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A31000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
8F30000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
3015000
|
heap
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
7F550000
|
trusted library allocation
|
page execute and read and write
|
||
|
892C000
|
stack
|
page read and write
|
||
|
8CAC000
|
stack
|
page read and write
|
||
|
50EB000
|
stack
|
page read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
2660000
|
trusted library allocation
|
page read and write
|
||
|
612000
|
trusted library allocation
|
page read and write
|
||
|
24A0000
|
trusted library allocation
|
page read and write
|
||
|
8CEE000
|
stack
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
2450000
|
trusted library allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
36D1000
|
trusted library allocation
|
page read and write
|
||
|
80CE000
|
stack
|
page read and write
|
||
|
622000
|
trusted library allocation
|
page read and write
|
||
|
62B000
|
trusted library allocation
|
page execute and read and write
|
||
|
A2F000
|
stack
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
858E000
|
stack
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
2A36000
|
trusted library allocation
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
246E000
|
trusted library allocation
|
page read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
245B000
|
trusted library allocation
|
page read and write
|
||
|
239E000
|
stack
|
page read and write
|
||
|
488F000
|
trusted library allocation
|
page read and write
|
||
|
822A000
|
heap
|
page read and write
|
||
|
820D000
|
stack
|
page read and write
|
||
|
295D000
|
trusted library allocation
|
page read and write
|
||
|
2824000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
There are 335 hidden memdumps, click here to show them.