Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
BqDa1EBEUK.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\BqDa1EBEUK.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\d3d9.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\BqDa1EBEUK.exe
|
"C:\Users\user\Desktop\BqDa1EBEUK.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
185.196.9.26:6302
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtabS
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
|
unknown
|
||
|
http://tempuri.org/Entity/Id3ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.196.9.26
|
unknown
|
Switzerland
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3124000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3091000
|
trusted library allocation
|
page read and write
|
|
|
|
6CCFF000
|
unkown
|
page read and write
|
|
|
|
785F000
|
stack
|
page read and write
|
||
|
3380000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
3586000
|
trusted library allocation
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
4306000
|
trusted library allocation
|
page read and write
|
||
|
72DE000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
518C000
|
stack
|
page read and write
|
||
|
33AD000
|
trusted library allocation
|
page read and write
|
||
|
2FF1000
|
trusted library allocation
|
page read and write
|
||
|
434F000
|
trusted library allocation
|
page read and write
|
||
|
4139000
|
trusted library allocation
|
page read and write
|
||
|
37E8000
|
trusted library allocation
|
page read and write
|
||
|
62FF000
|
stack
|
page read and write
|
||
|
7EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
122D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4127000
|
trusted library allocation
|
page read and write
|
||
|
43BF000
|
trusted library allocation
|
page read and write
|
||
|
3702000
|
trusted library allocation
|
page read and write
|
||
|
437A000
|
trusted library allocation
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
42BD000
|
trusted library allocation
|
page read and write
|
||
|
41F9000
|
trusted library allocation
|
page read and write
|
||
|
720F000
|
trusted library allocation
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page execute and read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
7067000
|
heap
|
page read and write
|
||
|
706F000
|
heap
|
page read and write
|
||
|
1308000
|
heap
|
page read and write
|
||
|
3203000
|
trusted library allocation
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
343B000
|
trusted library allocation
|
page read and write
|
||
|
4427000
|
trusted library allocation
|
page read and write
|
||
|
4491000
|
trusted library allocation
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
13A4000
|
heap
|
page read and write
|
||
|
5526000
|
trusted library allocation
|
page read and write
|
||
|
4416000
|
trusted library allocation
|
page read and write
|
||
|
42D9000
|
trusted library allocation
|
page read and write
|
||
|
43B7000
|
trusted library allocation
|
page read and write
|
||
|
71E2000
|
trusted library allocation
|
page read and write
|
||
|
3681000
|
trusted library allocation
|
page read and write
|
||
|
65EE000
|
stack
|
page read and write
|
||
|
40BA000
|
trusted library allocation
|
page read and write
|
||
|
40D3000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
7093000
|
heap
|
page read and write
|
||
|
344C000
|
trusted library allocation
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
338D000
|
trusted library allocation
|
page read and write
|
||
|
355E000
|
trusted library allocation
|
page read and write
|
||
|
5585000
|
trusted library allocation
|
page read and write
|
||
|
33B9000
|
trusted library allocation
|
page read and write
|
||
|
353F000
|
trusted library allocation
|
page read and write
|
||
|
76BF000
|
stack
|
page read and write
|
||
|
43FF000
|
trusted library allocation
|
page read and write
|
||
|
138E000
|
heap
|
page read and write
|
||
|
1381000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
1377000
|
heap
|
page read and write
|
||
|
729E000
|
stack
|
page read and write
|
||
|
3486000
|
trusted library allocation
|
page read and write
|
||
|
7205000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
41B7000
|
trusted library allocation
|
page read and write
|
||
|
3242000
|
trusted library allocation
|
page read and write
|
||
|
3306000
|
trusted library allocation
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
2FDB000
|
trusted library allocation
|
page read and write
|
||
|
73AE000
|
stack
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page execute and read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
707C000
|
heap
|
page read and write
|
||
|
5AFE000
|
stack
|
page read and write
|
||
|
703B000
|
heap
|
page read and write
|
||
|
5B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4302000
|
trusted library allocation
|
page read and write
|
||
|
54D2000
|
trusted library allocation
|
page read and write
|
||
|
446E000
|
trusted library allocation
|
page read and write
|
||
|
31BD000
|
trusted library allocation
|
page read and write
|
||
|
42FC000
|
trusted library allocation
|
page read and write
|
||
|
71E0000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
43F8000
|
trusted library allocation
|
page read and write
|
||
|
35B4000
|
trusted library allocation
|
page read and write
|
||
|
4480000
|
trusted library allocation
|
page read and write
|
||
|
3524000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
422F000
|
trusted library allocation
|
page read and write
|
||
|
4189000
|
trusted library allocation
|
page read and write
|
||
|
4411000
|
trusted library allocation
|
page read and write
|
||
|
3250000
|
trusted library allocation
|
page read and write
|
||
|
5A0D000
|
heap
|
page read and write
|
||
|
6E7D000
|
stack
|
page read and write
|
||
|
558E000
|
trusted library allocation
|
page read and write
|
||
|
70B0000
|
heap
|
page read and write
|
||
|
7B4000
|
trusted library allocation
|
page read and write
|
||
|
422A000
|
trusted library allocation
|
page read and write
|
||
|
42A9000
|
trusted library allocation
|
page read and write
|
||
|
43D2000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
trusted library allocation
|
page read and write
|
||
|
3668000
|
trusted library allocation
|
page read and write
|
||
|
54F8000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
367C000
|
trusted library allocation
|
page read and write
|
||
|
430B000
|
trusted library allocation
|
page read and write
|
||
|
3404000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
2490000
|
heap
|
page execute and read and write
|
||
|
3647000
|
trusted library allocation
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
825000
|
heap
|
page read and write
|
||
|
43A1000
|
trusted library allocation
|
page read and write
|
||
|
54F5000
|
trusted library allocation
|
page read and write
|
||
|
4475000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
4454000
|
trusted library allocation
|
page read and write
|
||
|
3492000
|
trusted library allocation
|
page read and write
|
||
|
3526000
|
trusted library allocation
|
page read and write
|
||
|
72F4000
|
trusted library allocation
|
page read and write
|
||
|
7041000
|
heap
|
page read and write
|
||
|
708F000
|
heap
|
page read and write
|
||
|
4269000
|
trusted library allocation
|
page read and write
|
||
|
6CCE0000
|
unkown
|
page readonly
|
||
|
70000
|
unkown
|
page readonly
|
||
|
4249000
|
trusted library allocation
|
page read and write
|
||
|
33C9000
|
trusted library allocation
|
page read and write
|
||
|
4336000
|
trusted library allocation
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page read and write
|
||
|
7030000
|
heap
|
page read and write
|
||
|
43AB000
|
trusted library allocation
|
page read and write
|
||
|
5A6B000
|
heap
|
page read and write
|
||
|
59B0000
|
heap
|
page execute and read and write
|
||
|
7087000
|
heap
|
page read and write
|
||
|
440A000
|
trusted library allocation
|
page read and write
|
||
|
7866000
|
trusted library allocation
|
page read and write
|
||
|
4279000
|
trusted library allocation
|
page read and write
|
||
|
324A000
|
trusted library allocation
|
page read and write
|
||
|
430F000
|
trusted library allocation
|
page read and write
|
||
|
720A000
|
trusted library allocation
|
page read and write
|
||
|
3033000
|
heap
|
page execute and read and write
|
||
|
3373000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
72000
|
unkown
|
page readonly
|
||
|
5A4E000
|
heap
|
page read and write
|
||
|
665000
|
heap
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
61FE000
|
stack
|
page read and write
|
||
|
2FFD000
|
trusted library allocation
|
page read and write
|
||
|
6CCF8000
|
unkown
|
page readonly
|
||
|
363D000
|
trusted library allocation
|
page read and write
|
||
|
2DF8000
|
trusted library allocation
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
360A000
|
trusted library allocation
|
page read and write
|
||
|
7FE0000
|
heap
|
page read and write
|
||
|
33B4000
|
trusted library allocation
|
page read and write
|
||
|
5AB5000
|
heap
|
page read and write
|
||
|
4260000
|
trusted library allocation
|
page read and write
|
||
|
1214000
|
trusted library allocation
|
page read and write
|
||
|
32F2000
|
trusted library allocation
|
page read and write
|
||
|
6CCE1000
|
unkown
|
page execute read
|
||
|
4120000
|
trusted library allocation
|
page read and write
|
||
|
1FC000
|
unkown
|
page readonly
|
||
|
40B1000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
3698000
|
trusted library allocation
|
page read and write
|
||
|
5A8B000
|
heap
|
page read and write
|
||
|
1242000
|
trusted library allocation
|
page read and write
|
||
|
441B000
|
trusted library allocation
|
page read and write
|
||
|
3226000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page read and write
|
||
|
31F3000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
70E2000
|
heap
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
AA0000
|
trusted library allocation
|
page read and write
|
||
|
6FF2000
|
heap
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A5C000
|
heap
|
page read and write
|
||
|
5593000
|
heap
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
2EA5000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
412A000
|
trusted library allocation
|
page read and write
|
||
|
5A23000
|
heap
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
6FBC000
|
heap
|
page read and write
|
||
|
3467000
|
trusted library allocation
|
page read and write
|
||
|
35FE000
|
trusted library allocation
|
page read and write
|
||
|
2E98000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page execute and read and write
|
||
|
48C000
|
stack
|
page read and write
|
||
|
671C000
|
trusted library allocation
|
page read and write
|
||
|
4461000
|
trusted library allocation
|
page read and write
|
||
|
4136000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page read and write
|
||
|
357A000
|
trusted library allocation
|
page read and write
|
||
|
588000
|
stack
|
page read and write
|
||
|
5541000
|
trusted library allocation
|
page read and write
|
||
|
33BE000
|
trusted library allocation
|
page read and write
|
||
|
3474000
|
trusted library allocation
|
page read and write
|
||
|
6FA2000
|
heap
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
438A000
|
trusted library allocation
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
7050000
|
heap
|
page read and write
|
||
|
43DE000
|
trusted library allocation
|
page read and write
|
||
|
7023000
|
heap
|
page read and write
|
||
|
554A000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
34DC000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
71B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
423F000
|
trusted library allocation
|
page read and write
|
||
|
344E000
|
trusted library allocation
|
page read and write
|
||
|
7B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7000000
|
heap
|
page read and write
|
||
|
703D000
|
heap
|
page read and write
|
||
|
409F000
|
trusted library allocation
|
page read and write
|
||
|
351C000
|
trusted library allocation
|
page read and write
|
||
|
71E9000
|
trusted library allocation
|
page read and write
|
||
|
704A000
|
heap
|
page read and write
|
||
|
736E000
|
stack
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
32EF000
|
trusted library allocation
|
page read and write
|
||
|
4153000
|
trusted library allocation
|
page read and write
|
||
|
41CE000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
418E000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
121D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A02000
|
heap
|
page read and write
|
||
|
81C000
|
heap
|
page read and write
|
||
|
4342000
|
trusted library allocation
|
page read and write
|
||
|
34AE000
|
trusted library allocation
|
page read and write
|
||
|
124B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3532000
|
trusted library allocation
|
page read and write
|
||
|
43EB000
|
trusted library allocation
|
page read and write
|
||
|
368E000
|
trusted library allocation
|
page read and write
|
||
|
6FC7000
|
heap
|
page read and write
|
||
|
4448000
|
trusted library allocation
|
page read and write
|
||
|
7E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
339A000
|
trusted library allocation
|
page read and write
|
||
|
6CD4A000
|
unkown
|
page readonly
|
||
|
7032000
|
heap
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page read and write
|
||
|
33D4000
|
trusted library allocation
|
page read and write
|
||
|
41B0000
|
trusted library allocation
|
page read and write
|
||
|
7214000
|
trusted library allocation
|
page read and write
|
||
|
42C8000
|
trusted library allocation
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
3636000
|
trusted library allocation
|
page read and write
|
||
|
4274000
|
trusted library allocation
|
page read and write
|
||
|
4250000
|
trusted library allocation
|
page read and write
|
||
|
36AF000
|
trusted library allocation
|
page read and write
|
||
|
332B000
|
trusted library allocation
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
71FF000
|
trusted library allocation
|
page read and write
|
||
|
551B000
|
trusted library allocation
|
page read and write
|
||
|
14CF000
|
stack
|
page read and write
|
||
|
3725000
|
trusted library allocation
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
43C6000
|
trusted library allocation
|
page read and write
|
||
|
32FD000
|
trusted library allocation
|
page read and write
|
||
|
54FA000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
324C000
|
trusted library allocation
|
page read and write
|
||
|
444000
|
remote allocation
|
page execute and read and write
|
||
|
71E5000
|
trusted library allocation
|
page read and write
|
||
|
4133000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
heap
|
page execute and read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
42CF000
|
trusted library allocation
|
page read and write
|
||
|
356F000
|
trusted library allocation
|
page read and write
|
||
|
1232000
|
trusted library allocation
|
page read and write
|
||
|
3497000
|
trusted library allocation
|
page read and write
|
||
|
43B1000
|
trusted library allocation
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
1245000
|
trusted library allocation
|
page execute and read and write
|
||
|
42EF000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
4290000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
66F0000
|
trusted library allocation
|
page read and write
|
||
|
33A2000
|
trusted library allocation
|
page read and write
|
||
|
41F7000
|
trusted library allocation
|
page read and write
|
||
|
553E000
|
trusted library allocation
|
page read and write
|
||
|
3706000
|
trusted library allocation
|
page read and write
|
||
|
5A77000
|
heap
|
page read and write
|
||
|
71FA000
|
trusted library allocation
|
page read and write
|
||
|
138B000
|
heap
|
page read and write
|
||
|
79AE000
|
stack
|
page read and write
|
||
|
633E000
|
stack
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
4130000
|
trusted library allocation
|
page read and write
|
||
|
4218000
|
trusted library allocation
|
page read and write
|
||
|
4430000
|
trusted library allocation
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
439B000
|
trusted library allocation
|
page read and write
|
||
|
36A3000
|
trusted library allocation
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
411A000
|
trusted library allocation
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
35EB000
|
trusted library allocation
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
426B000
|
trusted library allocation
|
page read and write
|
||
|
336B000
|
trusted library allocation
|
page read and write
|
||
|
70D4000
|
heap
|
page read and write
|
||
|
3693000
|
trusted library allocation
|
page read and write
|
||
|
426E000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
35FC000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
trusted library allocation
|
page read and write
|
||
|
32FA000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
3737000
|
trusted library allocation
|
page read and write
|
||
|
417D000
|
trusted library allocation
|
page read and write
|
||
|
347B000
|
trusted library allocation
|
page read and write
|
||
|
43C4000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
425D000
|
trusted library allocation
|
page read and write
|
||
|
41D3000
|
trusted library allocation
|
page read and write
|
||
|
1247000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FD4000
|
trusted library allocation
|
page read and write
|
||
|
4091000
|
trusted library allocation
|
page read and write
|
||
|
5A57000
|
heap
|
page read and write
|
||
|
864000
|
heap
|
page read and write
|
||
|
42B6000
|
trusted library allocation
|
page read and write
|
||
|
4487000
|
trusted library allocation
|
page read and write
|
||
|
3687000
|
trusted library allocation
|
page read and write
|
||
|
3675000
|
trusted library allocation
|
page read and write
|
||
|
477E000
|
stack
|
page read and write
|
||
|
435C000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
trusted library allocation
|
page read and write
|
||
|
40CB000
|
trusted library allocation
|
page read and write
|
||
|
3258000
|
trusted library allocation
|
page read and write
|
||
|
6FD0000
|
heap
|
page read and write
|
||
|
4113000
|
trusted library allocation
|
page read and write
|
||
|
123A000
|
trusted library allocation
|
page execute and read and write
|
||
|
429C000
|
trusted library allocation
|
page read and write
|
||
|
7225000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
71A2000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
41A3000
|
trusted library allocation
|
page read and write
|
||
|
832000
|
heap
|
page read and write
|
||
|
4199000
|
trusted library allocation
|
page read and write
|
||
|
4314000
|
trusted library allocation
|
page read and write
|
||
|
43B9000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page execute and read and write
|
||
|
4184000
|
trusted library allocation
|
page read and write
|
||
|
B8A000
|
stack
|
page read and write
|
||
|
437F000
|
trusted library allocation
|
page read and write
|
||
|
380F000
|
trusted library allocation
|
page read and write
|
||
|
3553000
|
trusted library allocation
|
page read and write
|
||
|
5B3E000
|
stack
|
page read and write
|
||
|
267F000
|
stack
|
page read and write
|
||
|
54F0000
|
trusted library allocation
|
page read and write
|
||
|
5532000
|
trusted library allocation
|
page read and write
|
||
|
700D000
|
heap
|
page read and write
|
||
|
78AD000
|
stack
|
page read and write
|
||
|
2450000
|
trusted library allocation
|
page execute and read and write
|
||
|
3717000
|
trusted library allocation
|
page read and write
|
||
|
3308000
|
trusted library allocation
|
page read and write
|
||
|
41EA000
|
trusted library allocation
|
page read and write
|
||
|
413E000
|
trusted library allocation
|
page read and write
|
||
|
431E000
|
trusted library allocation
|
page read and write
|
||
|
3513000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
12FA000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
6FE8000
|
heap
|
page read and write
|
||
|
71F8000
|
trusted library allocation
|
page read and write
|
||
|
3565000
|
trusted library allocation
|
page read and write
|
||
|
3684000
|
trusted library allocation
|
page read and write
|
||
|
1236000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E80000
|
heap
|
page read and write
|
||
|
7FA000
|
heap
|
page read and write
|
||
|
671A000
|
trusted library allocation
|
page read and write
|
||
|
5ABE000
|
heap
|
page read and write
|
||
|
6FA0000
|
heap
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
5521000
|
trusted library allocation
|
page read and write
|
||
|
35F4000
|
trusted library allocation
|
page read and write
|
||
|
FC000
|
unkown
|
page readonly
|
||
|
43A8000
|
trusted library allocation
|
page read and write
|
||
|
3624000
|
trusted library allocation
|
page read and write
|
||
|
66EC000
|
stack
|
page read and write
|
||
|
3652000
|
trusted library allocation
|
page read and write
|
||
|
449C000
|
trusted library allocation
|
page read and write
|
||
|
2681000
|
trusted library allocation
|
page read and write
|
||
|
448C000
|
trusted library allocation
|
page read and write
|
||
|
348D000
|
trusted library allocation
|
page read and write
|
||
|
767E000
|
stack
|
page read and write
|
||
|
42E5000
|
trusted library allocation
|
page read and write
|
||
|
647C000
|
stack
|
page read and write
|
||
|
6710000
|
trusted library allocation
|
page read and write
|
||
|
354C000
|
trusted library allocation
|
page read and write
|
||
|
356A000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
6490000
|
trusted library allocation
|
page execute and read and write
|
||
|
370C000
|
trusted library allocation
|
page read and write
|
||
|
4319000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FDE000
|
trusted library allocation
|
page read and write
|
||
|
3642000
|
trusted library allocation
|
page read and write
|
||
|
34A2000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
3689000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
1213000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
12D8000
|
heap
|
page read and write
|
||
|
4223000
|
trusted library allocation
|
page read and write
|
||
|
3246000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
trusted library allocation
|
page read and write
|
||
|
5571000
|
trusted library allocation
|
page read and write
|
||
|
42F5000
|
trusted library allocation
|
page read and write
|
||
|
42D4000
|
trusted library allocation
|
page read and write
|
||
|
4394000
|
trusted library allocation
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
FF890000
|
trusted library allocation
|
page execute and read and write
|
||
|
4375000
|
trusted library allocation
|
page read and write
|
||
|
7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
41C0000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
659C000
|
stack
|
page read and write
|
||
|
4256000
|
trusted library allocation
|
page read and write
|
||
|
362B000
|
trusted library allocation
|
page read and write
|
||
|
41BA000
|
trusted library allocation
|
page read and write
|
||
|
3244000
|
trusted library allocation
|
page read and write
|
||
|
41C3000
|
trusted library allocation
|
page read and write
|
||
|
4363000
|
trusted library allocation
|
page read and write
|
||
|
387B000
|
trusted library allocation
|
page read and write
|
||
|
4266000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
3080000
|
heap
|
page execute and read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
6CD31000
|
unkown
|
page read and write
|
||
|
4311000
|
trusted library allocation
|
page read and write
|
||
|
5A84000
|
heap
|
page read and write
|
||
|
643E000
|
stack
|
page read and write
|
||
|
41AA000
|
trusted library allocation
|
page read and write
|
||
|
5AAE000
|
heap
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
150B000
|
stack
|
page read and write
|
||
|
43B4000
|
trusted library allocation
|
page read and write
|
||
|
76FE000
|
stack
|
page read and write
|
||
|
345A000
|
trusted library allocation
|
page read and write
|
||
|
6FF5000
|
heap
|
page read and write
|
||
|
3617000
|
trusted library allocation
|
page read and write
|
||
|
41C6000
|
trusted library allocation
|
page read and write
|
||
|
436E000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
3444000
|
trusted library allocation
|
page read and write
|
||
|
7222000
|
trusted library allocation
|
page read and write
|
||
|
558B000
|
trusted library allocation
|
page read and write
|
||
|
41C9000
|
trusted library allocation
|
page read and write
|
||
|
5A88000
|
heap
|
page read and write
|
There are 478 hidden memdumps, click here to show them.