Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
8f5WsFcnTc.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs
|
data
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_bad_module_info_dcd3242e9fa4189184df4216daa4e4c7cdf1959_85207d7d_a7e47327-a6cd-4a75-a021-f666aba22f2d\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER645F.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER648F.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\newfile.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\WER548F.tmp.WERDataCollectionStatus.txt
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut4E06.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut4E46.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autD2CB.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autD32A.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autD74F.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autD899.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\jailless
|
ASCII text, with very long lines (28674), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\reindulging
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\8f5WsFcnTc.exe
|
"C:\Users\user\Desktop\8f5WsFcnTc.exe"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\Desktop\8f5WsFcnTc.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\8f5WsFcnTc.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
"C:\Users\user\AppData\Roaming\newfile\newfile.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
"C:\Users\user\AppData\Roaming\newfile\newfile.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2528 -s 24
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://mail.jaszredony.hu
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
http://ip-api.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.jaszredony.hu
|
178.238.222.77
|
|
|
|
ip-api.com
|
208.95.112.1
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
178.238.222.77
|
mail.jaszredony.hu
|
Hungary
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
newfile
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
system
|
page execute and read and write
|
|
|
|
C70000
|
direct allocation
|
page read and write
|
|
|
|
2A31000
|
trusted library allocation
|
page read and write
|
|
|
|
1340000
|
direct allocation
|
page read and write
|
|
|
|
2A5E000
|
trusted library allocation
|
page read and write
|
|
|
|
1C1000
|
unkown
|
page execute read
|
||
|
2A70000
|
trusted library allocation
|
page read and write
|
||
|
6890000
|
trusted library allocation
|
page read and write
|
||
|
CB1000
|
heap
|
page read and write
|
||
|
2A5A000
|
trusted library allocation
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
35F0000
|
direct allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
504DFFF000
|
stack
|
page read and write
|
||
|
194E000
|
stack
|
page read and write
|
||
|
137E000
|
heap
|
page read and write
|
||
|
3719000
|
direct allocation
|
page read and write
|
||
|
2A3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
540F000
|
stack
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
13F4000
|
trusted library allocation
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
612E000
|
stack
|
page read and write
|
||
|
35F0000
|
direct allocation
|
page read and write
|
||
|
C4F000
|
heap
|
page read and write
|
||
|
6290000
|
trusted library allocation
|
page read and write
|
||
|
294000
|
unkown
|
page readonly
|
||
|
624D000
|
stack
|
page read and write
|
||
|
FDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
371D000
|
direct allocation
|
page read and write
|
||
|
D6C000
|
unkown
|
page read and write
|
||
|
35C0000
|
direct allocation
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
D52000
|
heap
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0000
|
unkown
|
page readonly
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
118E000
|
heap
|
page read and write
|
||
|
EA7000
|
heap
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
F4F000
|
stack
|
page read and write
|
||
|
21EB6ACE000
|
heap
|
page read and write
|
||
|
37DE000
|
direct allocation
|
page read and write
|
||
|
B8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
ABD000
|
heap
|
page read and write
|
||
|
504DBFE000
|
stack
|
page read and write
|
||
|
13E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
B1C000
|
heap
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
35C3000
|
direct allocation
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
504DAFE000
|
stack
|
page read and write
|
||
|
21EB6AC5000
|
heap
|
page read and write
|
||
|
294000
|
unkown
|
page readonly
|
||
|
1183000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
2A82000
|
trusted library allocation
|
page read and write
|
||
|
5BA000
|
unkown
|
page readonly
|
||
|
A50000
|
direct allocation
|
page execute and read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
EE2000
|
heap
|
page read and write
|
||
|
D70000
|
unkown
|
page write copy
|
||
|
21EB66E0000
|
heap
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
CB0000
|
direct allocation
|
page read and write
|
||
|
D3C000
|
unkown
|
page readonly
|
||
|
C30000
|
heap
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
2B6F000
|
trusted library allocation
|
page read and write
|
||
|
D52000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
62A0000
|
trusted library allocation
|
page read and write
|
||
|
36E3000
|
direct allocation
|
page read and write
|
||
|
21EB6AC0000
|
heap
|
page read and write
|
||
|
2A7E000
|
trusted library allocation
|
page read and write
|
||
|
AF6000
|
heap
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
35C3000
|
direct allocation
|
page read and write
|
||
|
25C000
|
unkown
|
page readonly
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
21EB67E0000
|
heap
|
page read and write
|
||
|
2A64000
|
trusted library allocation
|
page read and write
|
||
|
35C0000
|
direct allocation
|
page read and write
|
||
|
5D62000
|
heap
|
page read and write
|
||
|
38FE000
|
direct allocation
|
page read and write
|
||
|
133F000
|
stack
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
3573000
|
direct allocation
|
page read and write
|
||
|
C13000
|
trusted library allocation
|
page execute and read and write
|
||
|
68D0000
|
heap
|
page read and write
|
||
|
DB3000
|
heap
|
page read and write
|
||
|
D3C000
|
unkown
|
page readonly
|
||
|
2920000
|
heap
|
page read and write
|
||
|
4DC000
|
stack
|
page read and write
|
||
|
C4E000
|
heap
|
page read and write
|
||
|
4E8E000
|
trusted library allocation
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
137C000
|
heap
|
page read and write
|
||
|
371D000
|
direct allocation
|
page read and write
|
||
|
1C0000
|
unkown
|
page readonly
|
||
|
AF6000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
505C000
|
stack
|
page read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
F46000
|
heap
|
page read and write
|
||
|
544D000
|
stack
|
page read and write
|
||
|
139B000
|
heap
|
page read and write
|
||
|
EFC000
|
heap
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
1184000
|
heap
|
page read and write
|
||
|
25C000
|
unkown
|
page readonly
|
||
|
38E1000
|
direct allocation
|
page read and write
|
||
|
F46000
|
heap
|
page read and write
|
||
|
D74000
|
unkown
|
page readonly
|
||
|
B05000
|
heap
|
page read and write
|
||
|
B4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
36E3000
|
direct allocation
|
page read and write
|
||
|
28C000
|
unkown
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
3640000
|
direct allocation
|
page read and write
|
||
|
282000
|
unkown
|
page readonly
|
||
|
A30000
|
heap
|
page read and write
|
||
|
5D57000
|
heap
|
page read and write
|
||
|
1D4E000
|
stack
|
page read and write
|
||
|
DEA000
|
heap
|
page read and write
|
||
|
68A0000
|
trusted library allocation
|
page read and write
|
||
|
4EA1000
|
trusted library allocation
|
page read and write
|
||
|
138B000
|
heap
|
page read and write
|
||
|
6140000
|
trusted library allocation
|
page read and write
|
||
|
C65000
|
heap
|
page read and write
|
||
|
38EE000
|
direct allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page execute and read and write
|
||
|
503E000
|
stack
|
page read and write
|
||
|
F46000
|
heap
|
page read and write
|
||
|
4A3C000
|
stack
|
page read and write
|
||
|
294000
|
unkown
|
page readonly
|
||
|
36E3000
|
direct allocation
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
34A0000
|
direct allocation
|
page read and write
|
||
|
118E000
|
heap
|
page read and write
|
||
|
3450000
|
direct allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
282000
|
unkown
|
page readonly
|
||
|
370000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page execute and read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
37DE000
|
direct allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
36E3000
|
direct allocation
|
page read and write
|
||
|
C2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
BEE000
|
heap
|
page read and write
|
||
|
AF7000
|
heap
|
page read and write
|
||
|
36E3000
|
direct allocation
|
page read and write
|
||
|
129F000
|
heap
|
page read and write
|
||
|
85C000
|
stack
|
page read and write
|
||
|
3A29000
|
trusted library allocation
|
page read and write
|
||
|
21EB6835000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
9DB000
|
stack
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
3573000
|
direct allocation
|
page read and write
|
||
|
1046000
|
heap
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
AA3000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
61A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
35C0000
|
direct allocation
|
page read and write
|
||
|
C7D000
|
stack
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
AF8000
|
stack
|
page read and write
|
||
|
C38000
|
heap
|
page read and write
|
||
|
AAE000
|
heap
|
page read and write
|
||
|
1158000
|
heap
|
page read and write
|
||
|
191E000
|
stack
|
page read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
2931000
|
trusted library allocation
|
page read and write
|
||
|
1C1000
|
unkown
|
page execute read
|
||
|
2A8C000
|
trusted library allocation
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
5CF0000
|
heap
|
page read and write
|
||
|
B6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
3889000
|
direct allocation
|
page read and write
|
||
|
6AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
DF7000
|
heap
|
page read and write
|
||
|
3DE1000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
376D000
|
direct allocation
|
page read and write
|
||
|
4E8B000
|
trusted library allocation
|
page read and write
|
||
|
D28000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
1182000
|
heap
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
4E9E000
|
trusted library allocation
|
page read and write
|
||
|
F41000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
3450000
|
direct allocation
|
page read and write
|
||
|
388D000
|
direct allocation
|
page read and write
|
||
|
11D3000
|
heap
|
page read and write
|
||
|
3889000
|
direct allocation
|
page read and write
|
||
|
3719000
|
direct allocation
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
3573000
|
direct allocation
|
page read and write
|
||
|
3769000
|
direct allocation
|
page read and write
|
||
|
28C000
|
unkown
|
page write copy
|
||
|
E2F000
|
stack
|
page read and write
|
||
|
11D4000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
FD5000
|
trusted library allocation
|
page execute and read and write
|
||
|
959000
|
stack
|
page read and write
|
||
|
38FE000
|
direct allocation
|
page read and write
|
||
|
28C0000
|
heap
|
page execute and read and write
|
||
|
B43000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D6D000
|
heap
|
page read and write
|
||
|
136C000
|
heap
|
page read and write
|
||
|
34D4000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
28C000
|
unkown
|
page write copy
|
||
|
118B000
|
heap
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
4D6F000
|
stack
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
DCB000
|
heap
|
page read and write
|
||
|
B44000
|
trusted library allocation
|
page read and write
|
||
|
1C1000
|
unkown
|
page execute read
|
||
|
35C3000
|
direct allocation
|
page read and write
|
||
|
FD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0000
|
unkown
|
page readonly
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
769000
|
stack
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
3450000
|
direct allocation
|
page read and write
|
||
|
EBD000
|
heap
|
page read and write
|
||
|
21EB6800000
|
heap
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
3A01000
|
trusted library allocation
|
page read and write
|
||
|
6147000
|
trusted library allocation
|
page read and write
|
||
|
674F000
|
stack
|
page read and write
|
||
|
5638000
|
trusted library allocation
|
page read and write
|
||
|
DDE000
|
heap
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
613D000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
13B4000
|
heap
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
||
|
13FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
2890000
|
trusted library allocation
|
page execute and read and write
|
||
|
C20000
|
trusted library allocation
|
page read and write
|
||
|
4F30000
|
heap
|
page execute and read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
504DDFE000
|
stack
|
page read and write
|
||
|
504D6FA000
|
stack
|
page read and write
|
||
|
137D000
|
heap
|
page read and write
|
||
|
34A0000
|
direct allocation
|
page read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
388D000
|
direct allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
118B000
|
heap
|
page read and write
|
||
|
C35000
|
heap
|
page read and write
|
||
|
282000
|
unkown
|
page readonly
|
||
|
28C000
|
unkown
|
page read and write
|
||
|
504DEFE000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
FC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
35C0000
|
direct allocation
|
page read and write
|
||
|
D55000
|
heap
|
page read and write
|
||
|
F24000
|
heap
|
page read and write
|
||
|
38FE000
|
direct allocation
|
page read and write
|
||
|
294000
|
unkown
|
page readonly
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
DB3000
|
heap
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
38FE000
|
direct allocation
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
2A01000
|
trusted library allocation
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
DC7000
|
heap
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
290000
|
unkown
|
page write copy
|
||
|
F30000
|
heap
|
page read and write
|
||
|
D62000
|
unkown
|
page readonly
|
||
|
376D000
|
direct allocation
|
page read and write
|
||
|
C92000
|
heap
|
page read and write
|
||
|
4EB2000
|
trusted library allocation
|
page read and write
|
||
|
21EB6864000
|
heap
|
page read and write
|
||
|
9DB000
|
stack
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
5080000
|
heap
|
page execute and read and write
|
||
|
3820000
|
direct allocation
|
page read and write
|
||
|
CA2000
|
heap
|
page read and write
|
||
|
F55000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
11FC000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
B64000
|
trusted library allocation
|
page read and write
|
||
|
378E000
|
direct allocation
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5CA000
|
stack
|
page read and write
|
||
|
38FE000
|
direct allocation
|
page read and write
|
||
|
3889000
|
direct allocation
|
page read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
378E000
|
direct allocation
|
page read and write
|
||
|
BEF000
|
stack
|
page read and write
|
||
|
D3A000
|
stack
|
page read and write
|
||
|
1110000
|
direct allocation
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
602E000
|
stack
|
page read and write
|
||
|
290000
|
unkown
|
page write copy
|
||
|
628E000
|
stack
|
page read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
3450000
|
direct allocation
|
page read and write
|
||
|
F50000
|
direct allocation
|
page execute and read and write
|
||
|
35F0000
|
direct allocation
|
page read and write
|
||
|
5B2000
|
unkown
|
page readonly
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
AAE000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
CA1000
|
heap
|
page read and write
|
||
|
118E000
|
heap
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
36E000
|
stack
|
page read and write
|
||
|
DA5000
|
heap
|
page read and write
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
FD2000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
4EA6000
|
trusted library allocation
|
page read and write
|
||
|
388D000
|
direct allocation
|
page read and write
|
||
|
21EB67C0000
|
heap
|
page read and write
|
||
|
C1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D74000
|
unkown
|
page readonly
|
||
|
F97000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
C60000
|
direct allocation
|
page execute and read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
371D000
|
direct allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
E76000
|
heap
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
388D000
|
direct allocation
|
page read and write
|
||
|
119D000
|
heap
|
page read and write
|
||
|
37DE000
|
direct allocation
|
page read and write
|
||
|
21EB68B2000
|
heap
|
page read and write
|
||
|
C67000
|
heap
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
1040000
|
heap
|
page read and write
|
||
|
320000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page readonly
|
||
|
C94000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
3931000
|
trusted library allocation
|
page read and write
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
523F000
|
stack
|
page read and write
|
||
|
27F8000
|
trusted library allocation
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
A94000
|
heap
|
page read and write
|
||
|
3889000
|
direct allocation
|
page read and write
|
||
|
18A000
|
stack
|
page read and write
|
||
|
376D000
|
direct allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
3640000
|
direct allocation
|
page read and write
|
||
|
36E3000
|
direct allocation
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
13E4000
|
trusted library allocation
|
page read and write
|
||
|
21EB6808000
|
heap
|
page read and write
|
||
|
388D000
|
direct allocation
|
page read and write
|
||
|
F56000
|
heap
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
F55000
|
heap
|
page read and write
|
||
|
E4E000
|
heap
|
page read and write
|
||
|
35C0000
|
direct allocation
|
page read and write
|
||
|
3640000
|
direct allocation
|
page read and write
|
||
|
3DE000
|
stack
|
page read and write
|
||
|
3769000
|
direct allocation
|
page read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
25C000
|
unkown
|
page readonly
|
||
|
4B3D000
|
stack
|
page read and write
|
||
|
1C1000
|
unkown
|
page execute read
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
CA1000
|
unkown
|
page execute read
|
||
|
D90000
|
heap
|
page read and write
|
||
|
4EAD000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
trusted library allocation
|
page read and write
|
||
|
4E9A000
|
trusted library allocation
|
page read and write
|
||
|
34A0000
|
direct allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
BDB000
|
stack
|
page read and write
|
||
|
119D000
|
heap
|
page read and write
|
||
|
3889000
|
direct allocation
|
page read and write
|
||
|
111F000
|
stack
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
CA1000
|
unkown
|
page execute read
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
C14000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
378E000
|
direct allocation
|
page read and write
|
||
|
1C0000
|
unkown
|
page readonly
|
||
|
4ED0000
|
trusted library allocation
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
C2C000
|
stack
|
page read and write
|
||
|
37A000
|
stack
|
page read and write
|
||
|
38FE000
|
direct allocation
|
page read and write
|
||
|
3A6B000
|
trusted library allocation
|
page read and write
|
||
|
D5B000
|
heap
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
4E92000
|
trusted library allocation
|
page read and write
|
||
|
121B000
|
heap
|
page read and write
|
||
|
2A5C000
|
trusted library allocation
|
page read and write
|
||
|
2DE1000
|
trusted library allocation
|
page read and write
|
||
|
371D000
|
direct allocation
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
B87000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
282000
|
unkown
|
page readonly
|
||
|
3889000
|
direct allocation
|
page read and write
|
||
|
DEA000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
FCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
137E000
|
heap
|
page read and write
|
||
|
D43000
|
heap
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
121E000
|
stack
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
35F0000
|
direct allocation
|
page read and write
|
||
|
518C000
|
stack
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
D62000
|
unkown
|
page readonly
|
||
|
68E0000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
554E000
|
stack
|
page read and write
|
||
|
C3C000
|
stack
|
page read and write
|
||
|
35C0000
|
direct allocation
|
page read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
BE2000
|
heap
|
page read and write
|
||
|
504D8FE000
|
stack
|
page read and write
|
||
|
AA3000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
119D000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
3274000
|
heap
|
page read and write
|
||
|
2A37000
|
trusted library allocation
|
page execute and read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
C8D000
|
heap
|
page read and write
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
D6C000
|
unkown
|
page write copy
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page read and write
|
||
|
3719000
|
direct allocation
|
page read and write
|
||
|
B30000
|
trusted library allocation
|
page read and write
|
||
|
F8D000
|
heap
|
page read and write
|
||
|
151F000
|
stack
|
page read and write
|
||
|
9BF000
|
stack
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
C5A000
|
heap
|
page read and write
|
||
|
C5B000
|
heap
|
page read and write
|
||
|
378E000
|
direct allocation
|
page read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
6130000
|
trusted library allocation
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
11D3000
|
heap
|
page read and write
|
||
|
25C000
|
unkown
|
page readonly
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
C93000
|
heap
|
page read and write
|
||
|
F3C000
|
heap
|
page read and write
|
||
|
4E86000
|
trusted library allocation
|
page read and write
|
||
|
513E000
|
stack
|
page read and write
|
||
|
136D000
|
heap
|
page read and write
|
||
|
FC2000
|
trusted library allocation
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
CA3000
|
heap
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
504D7FF000
|
stack
|
page read and write
|
||
|
FAE000
|
stack
|
page read and write
|
||
|
C35000
|
heap
|
page read and write
|
||
|
F4A000
|
heap
|
page read and write
|
||
|
3719000
|
direct allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
BFF000
|
stack
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
388D000
|
direct allocation
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
E91000
|
heap
|
page read and write
|
||
|
5350000
|
heap
|
page execute and read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
2DBD000
|
stack
|
page read and write
|
||
|
4F13000
|
heap
|
page read and write
|
||
|
62A7000
|
trusted library allocation
|
page read and write
|
||
|
C1E000
|
heap
|
page read and write
|
||
|
138A000
|
heap
|
page read and write
|
||
|
3573000
|
direct allocation
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
3769000
|
direct allocation
|
page read and write
|
||
|
13ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
61B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CBC000
|
stack
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
D54000
|
heap
|
page read and write
|
||
|
504E0FC000
|
stack
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
7FC80000
|
trusted library allocation
|
page execute and read and write
|
||
|
21EB6AB0000
|
heap
|
page read and write
|
||
|
D6C000
|
heap
|
page read and write
|
There are 539 hidden memdumps, click here to show them.