Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Ap8Ahbfg51.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Ap8Ahbfg51.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\kmspicco.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e5fd732e304167ee6e9c63caab300dae.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\kmspicco.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Ap8Ahbfg51.exe
|
"C:\Users\user\Desktop\Ap8Ahbfg51.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\kmspicco.exe
|
"C:\Users\user\AppData\Local\Temp\kmspicco.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\kmspicco.exe" "kmspicco.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Local\Temp\kmspicco.exe
|
"C:\Users\user\AppData\Local\Temp\kmspicco.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\kmspicco.exe
|
"C:\Users\user\AppData\Local\Temp\kmspicco.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\kmspicco.exe
|
"C:\Users\user\AppData\Local\Temp\kmspicco.exe" ..
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
seznam.zapto.org
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
seznam.zapto.org
|
172.232.164.13
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.232.164.13
|
seznam.zapto.org
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
e5fd732e304167ee6e9c63caab300dae
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
e5fd732e304167ee6e9c63caab300dae
|
||
|
HKEY_CURRENT_USER\SOFTWARE\e5fd732e304167ee6e9c63caab300dae
|
[kl]
|
||
|
HKEY_CURRENT_USER\SOFTWARE\e5fd732e304167ee6e9c63caab300dae
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F61000
|
trusted library allocation
|
page read and write
|
|
|
|
54A0000
|
trusted library section
|
page read and write
|
|
|
|
2AE1000
|
trusted library allocation
|
page read and write
|
|
|
|
31D1000
|
trusted library allocation
|
page read and write
|
|
|
|
1DB000
|
stack
|
page read and write
|
||
|
1606000
|
trusted library allocation
|
page execute and read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
7CF000
|
heap
|
page read and write
|
||
|
31C2000
|
trusted library allocation
|
page read and write
|
||
|
590D000
|
stack
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
812000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
5ACE000
|
stack
|
page read and write
|
||
|
5406000
|
trusted library allocation
|
page read and write
|
||
|
1940000
|
heap
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
7BF000
|
heap
|
page read and write
|
||
|
145B000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE4000
|
trusted library allocation
|
page read and write
|
||
|
32C4000
|
trusted library allocation
|
page read and write
|
||
|
11E8000
|
heap
|
page read and write
|
||
|
32CD000
|
trusted library allocation
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
41D1000
|
trusted library allocation
|
page read and write
|
||
|
31EC000
|
trusted library allocation
|
page read and write
|
||
|
76E000
|
heap
|
page read and write
|
||
|
91E000
|
unkown
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
5880000
|
heap
|
page read and write
|
||
|
CF8000
|
trusted library allocation
|
page read and write
|
||
|
5418000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
5B4D000
|
stack
|
page read and write
|
||
|
10FB000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
5404000
|
trusted library allocation
|
page read and write
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
4F4000
|
stack
|
page read and write
|
||
|
5780000
|
heap
|
page execute and read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
16F8000
|
heap
|
page read and write
|
||
|
E4F000
|
stack
|
page read and write
|
||
|
1980000
|
trusted library allocation
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
5CEE000
|
stack
|
page read and write
|
||
|
7AD000
|
heap
|
page read and write
|
||
|
1423000
|
trusted library allocation
|
page execute and read and write
|
||
|
D83000
|
heap
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
766000
|
heap
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
3417000
|
trusted library allocation
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
F5F000
|
stack
|
page read and write
|
||
|
120C000
|
heap
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
31F3000
|
trusted library allocation
|
page read and write
|
||
|
2AC5000
|
trusted library allocation
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
2A74000
|
trusted library allocation
|
page read and write
|
||
|
58FE000
|
stack
|
page read and write
|
||
|
5469000
|
trusted library allocation
|
page read and write
|
||
|
4F29000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
4ACF000
|
stack
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
2FCD000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
4BFD000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
182E000
|
stack
|
page read and write
|
||
|
5525000
|
trusted library allocation
|
page read and write
|
||
|
5E90000
|
heap
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
7CD000
|
heap
|
page read and write
|
||
|
161F000
|
stack
|
page read and write
|
||
|
32C6000
|
trusted library allocation
|
page read and write
|
||
|
2AAE000
|
trusted library allocation
|
page read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
D17000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE0000
|
trusted library allocation
|
page read and write
|
||
|
197A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
5B6E000
|
stack
|
page read and write
|
||
|
4BFB000
|
heap
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
768000
|
heap
|
page read and write
|
||
|
757000
|
heap
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
1438000
|
trusted library allocation
|
page read and write
|
||
|
7B1000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D97000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
2FC6000
|
trusted library allocation
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
4BFB000
|
heap
|
page read and write
|
||
|
1963000
|
trusted library allocation
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page read and write
|
||
|
31E7000
|
trusted library allocation
|
page read and write
|
||
|
12C1000
|
heap
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
660C000
|
stack
|
page read and write
|
||
|
72A000
|
heap
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
1713000
|
heap
|
page read and write
|
||
|
76F000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
7AE000
|
heap
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
7BB000
|
heap
|
page read and write
|
||
|
3AE1000
|
trusted library allocation
|
page read and write
|
||
|
15E4000
|
trusted library allocation
|
page read and write
|
||
|
33E1000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
162A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
7BE000
|
heap
|
page read and write
|
||
|
4EE000
|
stack
|
page read and write
|
||
|
571D000
|
trusted library allocation
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
11EE000
|
heap
|
page read and write
|
||
|
7FAC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
1756000
|
heap
|
page read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
56FB000
|
trusted library allocation
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
5711000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
105F000
|
stack
|
page read and write
|
||
|
1960000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
FCA000
|
stack
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
1694000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
15E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1259000
|
heap
|
page read and write
|
||
|
768000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
5895000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
heap
|
page execute and read and write
|
||
|
1155000
|
heap
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
5870000
|
heap
|
page execute and read and write
|
||
|
7AB000
|
stack
|
page read and write
|
||
|
7BF000
|
heap
|
page read and write
|
||
|
19B0000
|
heap
|
page read and write
|
||
|
58E000
|
unkown
|
page read and write
|
||
|
7CD000
|
heap
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
13F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
2A7D000
|
trusted library allocation
|
page read and write
|
||
|
5841000
|
trusted library allocation
|
page read and write
|
||
|
B8E000
|
stack
|
page read and write
|
||
|
166E000
|
heap
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
7CD000
|
heap
|
page read and write
|
||
|
5702000
|
trusted library allocation
|
page read and write
|
||
|
2AA8000
|
trusted library allocation
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
15ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
B82000
|
unkown
|
page readonly
|
||
|
78A000
|
heap
|
page read and write
|
||
|
2FE5000
|
trusted library allocation
|
page read and write
|
||
|
570E000
|
trusted library allocation
|
page read and write
|
||
|
662E000
|
stack
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
78D000
|
heap
|
page read and write
|
||
|
5475000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
773000
|
heap
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
1724000
|
heap
|
page read and write
|
||
|
76B000
|
heap
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
768000
|
heap
|
page read and write
|
||
|
1408000
|
trusted library allocation
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
4C0A000
|
heap
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
CEB000
|
stack
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
341C000
|
trusted library allocation
|
page read and write
|
||
|
1424000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
CF4000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
7C2000
|
heap
|
page read and write
|
||
|
7BF000
|
heap
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
6700000
|
heap
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
551E000
|
stack
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
670C000
|
stack
|
page read and write
|
||
|
5640000
|
heap
|
page read and write
|
||
|
5D8E000
|
stack
|
page read and write
|
||
|
3401000
|
trusted library allocation
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
5716000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
4C07000
|
heap
|
page read and write
|
||
|
4BF1000
|
heap
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page execute and read and write
|
||
|
768000
|
heap
|
page read and write
|
||
|
11A6000
|
heap
|
page read and write
|
||
|
CE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
789000
|
heap
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
5D2F000
|
stack
|
page read and write
|
||
|
5F2F000
|
stack
|
page read and write
|
||
|
66F0000
|
trusted library allocation
|
page read and write
|
||
|
4BFB000
|
heap
|
page read and write
|
||
|
156F000
|
stack
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
3F69000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
1987000
|
trusted library allocation
|
page execute and read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
56F4000
|
trusted library allocation
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
789000
|
heap
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
10B5000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
5511000
|
trusted library allocation
|
page read and write
|
||
|
7BC000
|
heap
|
page read and write
|
||
|
160A000
|
trusted library allocation
|
page execute and read and write
|
||
|
648F000
|
stack
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
550E000
|
stack
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
5826000
|
trusted library allocation
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
3411000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
D8A000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page execute and read and write
|
||
|
41B1000
|
trusted library allocation
|
page read and write
|
||
|
7B3000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
76E000
|
heap
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
1668000
|
heap
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
4BFB000
|
heap
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
192F000
|
stack
|
page read and write
|
||
|
1637000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AC8000
|
heap
|
page read and write
|
||
|
5426000
|
trusted library allocation
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
19A0000
|
trusted library allocation
|
page read and write
|
||
|
D1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
56F6000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
731000
|
heap
|
page read and write
|
||
|
7B1000
|
heap
|
page read and write
|
||
|
1796000
|
heap
|
page read and write
|
||
|
41F9000
|
trusted library allocation
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
5E5000
|
heap
|
page read and write
|
||
|
7BB000
|
heap
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
2ABD000
|
trusted library allocation
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
33F2000
|
trusted library allocation
|
page read and write
|
||
|
DE7000
|
stack
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
1953000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E50000
|
heap
|
page execute and read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
151F000
|
stack
|
page read and write
|
||
|
284E000
|
stack
|
page read and write
|
||
|
4BFB000
|
heap
|
page read and write
|
||
|
1954000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
5722000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
4FE000
|
stack
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
4BFC000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
6800000
|
heap
|
page read and write
|
||
|
54CE000
|
stack
|
page read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
5B8E000
|
stack
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
11F7000
|
stack
|
page read and write
|
||
|
54F6000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
7BC000
|
heap
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
4BF2000
|
heap
|
page read and write
|
||
|
13DF000
|
stack
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
1199000
|
heap
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
43E1000
|
trusted library allocation
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
5F6E000
|
stack
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
5C0C000
|
stack
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
4FB000
|
stack
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
C0C000
|
unkown
|
page readonly
|
||
|
3074000
|
trusted library allocation
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
570A000
|
trusted library allocation
|
page read and write
|
||
|
1193000
|
heap
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
58D0000
|
trusted library allocation
|
page read and write
|
||
|
5516000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
582B000
|
trusted library allocation
|
page read and write
|
||
|
15F3000
|
trusted library allocation
|
page read and write
|
||
|
16F4000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
1178000
|
heap
|
page read and write
|
||
|
2FC4000
|
trusted library allocation
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
5BC9000
|
stack
|
page read and write
|
||
|
5414000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
31F9000
|
trusted library allocation
|
page read and write
|
||
|
5508000
|
trusted library allocation
|
page read and write
|
||
|
2AA4000
|
trusted library allocation
|
page read and write
|
||
|
78E000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
7C8000
|
heap
|
page read and write
|
||
|
5421000
|
trusted library allocation
|
page read and write
|
||
|
5C0E000
|
stack
|
page read and write
|
||
|
2A76000
|
trusted library allocation
|
page read and write
|
||
|
163B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F61000
|
trusted library allocation
|
page read and write
|
||
|
4BFD000
|
heap
|
page read and write
|
||
|
52AC000
|
stack
|
page read and write
|
||
|
5DEE000
|
stack
|
page read and write
|
||
|
2AD0000
|
heap
|
page execute and read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
1627000
|
trusted library allocation
|
page execute and read and write
|
||
|
56FE000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
heap
|
page execute and read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
5C8E000
|
stack
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
7C2000
|
heap
|
page read and write
|
||
|
54F4000
|
trusted library allocation
|
page read and write
|
||
|
2A80000
|
heap
|
page execute and read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
9B6000
|
heap
|
page read and write
|
||
|
DAB000
|
stack
|
page read and write
|
||
|
16DD000
|
stack
|
page read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
3280000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E40000
|
heap
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
588E000
|
stack
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
76B000
|
heap
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
1622000
|
trusted library allocation
|
page read and write
|
||
|
1403000
|
trusted library allocation
|
page read and write
|
||
|
17B3000
|
heap
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
1970000
|
trusted library allocation
|
page read and write
|
||
|
1202000
|
heap
|
page read and write
|
||
|
583E000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
3290000
|
heap
|
page execute and read and write
|
||
|
54F0000
|
trusted library allocation
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
5504000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
2AB6000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
7C9000
|
heap
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
812000
|
heap
|
page read and write
|
||
|
7B2000
|
heap
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
5BD0000
|
heap
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
1223000
|
heap
|
page read and write
|
||
|
7C2000
|
heap
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
1930000
|
trusted library allocation
|
page read and write
|
||
|
541E000
|
trusted library allocation
|
page read and write
|
||
|
76E000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
5ABD000
|
heap
|
page read and write
|
||
|
51D8000
|
trusted library allocation
|
page read and write
|
||
|
7CD000
|
heap
|
page read and write
|
||
|
144A000
|
trusted library allocation
|
page execute and read and write
|
||
|
58E3000
|
heap
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
1434000
|
trusted library allocation
|
page read and write
|
||
|
65CF000
|
stack
|
page read and write
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
5855000
|
trusted library allocation
|
page read and write
|
||
|
1950000
|
trusted library allocation
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
7CD000
|
heap
|
page read and write
|
||
|
1247000
|
heap
|
page read and write
|
||
|
53CE000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
540B000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
1207000
|
heap
|
page read and write
|
||
|
5435000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E2E000
|
stack
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
1214000
|
heap
|
page read and write
|
||
|
598E000
|
stack
|
page read and write
|
||
|
31D1000
|
trusted library allocation
|
page read and write
|
||
|
16DF000
|
stack
|
page read and write
|
||
|
7BF000
|
heap
|
page read and write
|
||
|
E23000
|
heap
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
7B1000
|
heap
|
page read and write
|
||
|
638F000
|
stack
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
5456000
|
trusted library allocation
|
page read and write
|
||
|
54FB000
|
trusted library allocation
|
page read and write
|
||
|
2A70000
|
trusted library allocation
|
page read and write
|
||
|
1718000
|
heap
|
page read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
4BF1000
|
heap
|
page read and write
|
||
|
32B0000
|
trusted library allocation
|
page read and write
|
||
|
DDF000
|
heap
|
page read and write
|
||
|
81B000
|
heap
|
page read and write
|
||
|
76C000
|
heap
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
heap
|
page execute and read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
1596000
|
heap
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
2A94000
|
trusted library allocation
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
307D000
|
trusted library allocation
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
5AC5000
|
heap
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
550E000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
5C4A000
|
stack
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
5745000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
560E000
|
stack
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
1457000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B3000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
7C2000
|
heap
|
page read and write
|
||
|
4F35000
|
trusted library allocation
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
3429000
|
trusted library allocation
|
page read and write
|
||
|
D0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
628E000
|
stack
|
page read and write
|
||
|
2A9B000
|
trusted library allocation
|
page read and write
|
||
|
162B000
|
trusted library allocation
|
page execute and read and write
|
||
|
D68000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
581C000
|
stack
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page execute and read and write
|
||
|
12BF000
|
heap
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
5869000
|
trusted library allocation
|
page read and write
|
||
|
768000
|
heap
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
768000
|
heap
|
page read and write
|
||
|
76A000
|
heap
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
76F000
|
heap
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
5A24000
|
heap
|
page read and write
|
||
|
15FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
2A96000
|
trusted library allocation
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
5A1F000
|
heap
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
789000
|
heap
|
page read and write
|
||
|
3423000
|
trusted library allocation
|
page read and write
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
13F4000
|
trusted library allocation
|
page read and write
|
||
|
1968000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
198B000
|
trusted library allocation
|
page execute and read and write
|
||
|
11CE000
|
stack
|
page read and write
|
There are 598 hidden memdumps, click here to show them.