Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
HUED23EDE5UGRFQ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\HUED23EDE5UGRFQ.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpAF95.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\jdSldfVS.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\jdSldfVS.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\jdSldfVS.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3qoqftdm.xej.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_drg11gux.d1n.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eydoxywx.z2h.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fqhikuo2.jtt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jt3rqlf2.rqb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vrrnp4pv.kln.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wg514shz.w0u.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xdgz0ssf.ujp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpBFB2.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\HUED23EDE5UGRFQ.exe
|
"C:\Users\user\Desktop\HUED23EDE5UGRFQ.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\HUED23EDE5UGRFQ.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\jdSldfVS.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\jdSldfVS" /XML "C:\Users\user\AppData\Local\Temp\tmpAF95.tmp"
|
|
|
|
C:\Users\user\Desktop\HUED23EDE5UGRFQ.exe
|
"C:\Users\user\Desktop\HUED23EDE5UGRFQ.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\jdSldfVS.exe
|
C:\Users\user\AppData\Roaming\jdSldfVS.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\jdSldfVS" /XML "C:\Users\user\AppData\Local\Temp\tmpBFB2.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\jdSldfVS.exe
|
"C:\Users\user\AppData\Roaming\jdSldfVS.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\jdSldfVS.exe
|
"C:\Users\user\AppData\Roaming\jdSldfVS.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\jdSldfVS.exe
|
"C:\Users\user\AppData\Roaming\jdSldfVS.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
94.156.69.93
|
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
http://geoplugin.net/json.gpl
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://geoplugin.net/json.gpiiB
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
94.156.69.93
|
unknown
|
Bulgaria
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-HKC0PV
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-HKC0PV
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-HKC0PV
|
time
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
34F6000
|
trusted library allocation
|
page read and write
|
|
|
|
1007000
|
heap
|
page read and write
|
|
|
|
2B6F000
|
stack
|
page read and write
|
|
|
|
BDA000
|
heap
|
page read and write
|
|
|
|
4278000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
7D4E000
|
stack
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
1346000
|
heap
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
59F0000
|
trusted library allocation
|
page read and write
|
||
|
4A85000
|
heap
|
page read and write
|
||
|
2E6E000
|
stack
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
70DD000
|
stack
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
AE7000
|
heap
|
page read and write
|
||
|
31F7000
|
trusted library allocation
|
page read and write
|
||
|
1552000
|
trusted library allocation
|
page read and write
|
||
|
72BF000
|
stack
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A10000
|
heap
|
page execute and read and write
|
||
|
79FC000
|
trusted library allocation
|
page read and write
|
||
|
7E5000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
15A7000
|
heap
|
page read and write
|
||
|
2D0F000
|
unkown
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
6A40000
|
trusted library section
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
A24000
|
trusted library allocation
|
page read and write
|
||
|
4CE0000
|
heap
|
page execute and read and write
|
||
|
30AB000
|
stack
|
page read and write
|
||
|
A2ED000
|
stack
|
page read and write
|
||
|
3AFF000
|
stack
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
78EE000
|
stack
|
page read and write
|
||
|
76AF000
|
stack
|
page read and write
|
||
|
1078000
|
heap
|
page read and write
|
||
|
17EE000
|
stack
|
page read and write
|
||
|
6B50000
|
trusted library allocation
|
page execute and read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
A3EE000
|
stack
|
page read and write
|
||
|
3F00000
|
heap
|
page read and write
|
||
|
75BF000
|
stack
|
page read and write
|
||
|
AB1E000
|
stack
|
page read and write
|
||
|
7DC000
|
heap
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
73BD000
|
stack
|
page read and write
|
||
|
A400000
|
trusted library allocation
|
page read and write
|
||
|
5654000
|
trusted library allocation
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
293A000
|
stack
|
page read and write
|
||
|
6C62000
|
trusted library allocation
|
page read and write
|
||
|
132A000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
A42000
|
trusted library allocation
|
page read and write
|
||
|
5843000
|
heap
|
page read and write
|
||
|
A1F000
|
stack
|
page read and write
|
||
|
3550000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
4A7B000
|
stack
|
page read and write
|
||
|
58C0000
|
heap
|
page read and write
|
||
|
27D0000
|
trusted library allocation
|
page read and write
|
||
|
1534000
|
trusted library allocation
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
243D000
|
trusted library allocation
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
29CE000
|
unkown
|
page read and write
|
||
|
679F000
|
stack
|
page read and write
|
||
|
805E000
|
stack
|
page read and write
|
||
|
1533000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
trusted library allocation
|
page read and write
|
||
|
5DBE000
|
stack
|
page read and write
|
||
|
2CAC000
|
stack
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
AC30000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
7BFD000
|
stack
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
13D2000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
12CF000
|
stack
|
page read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
9D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
A23000
|
trusted library allocation
|
page execute and read and write
|
||
|
79EE000
|
stack
|
page read and write
|
||
|
5697000
|
trusted library allocation
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
4970000
|
trusted library allocation
|
page read and write
|
||
|
2491000
|
trusted library allocation
|
page read and write
|
||
|
2899000
|
stack
|
page read and write
|
||
|
710000
|
trusted library allocation
|
page read and write
|
||
|
9D5E000
|
stack
|
page read and write
|
||
|
1543000
|
trusted library allocation
|
page read and write
|
||
|
5C20000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
68DF000
|
stack
|
page read and write
|
||
|
12F8000
|
stack
|
page read and write
|
||
|
155A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DED000
|
stack
|
page read and write
|
||
|
58C5000
|
heap
|
page read and write
|
||
|
A89C000
|
stack
|
page read and write
|
||
|
302F000
|
stack
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
3F10000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
57F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
22E0000
|
trusted library allocation
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
5CD000
|
stack
|
page read and write
|
||
|
5676000
|
trusted library allocation
|
page read and write
|
||
|
49F3000
|
heap
|
page read and write
|
||
|
5920000
|
heap
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
5671000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page read and write
|
||
|
588B000
|
stack
|
page read and write
|
||
|
A5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DED000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page execute and read and write
|
||
|
2FD8000
|
trusted library allocation
|
page read and write
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
29FE000
|
unkown
|
page read and write
|
||
|
80B000
|
heap
|
page read and write
|
||
|
22CB000
|
stack
|
page read and write
|
||
|
530C000
|
stack
|
page read and write
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
2436000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
EFD000
|
stack
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
6A93000
|
heap
|
page read and write
|
||
|
16EE000
|
stack
|
page read and write
|
||
|
57DA000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
13E000
|
unkown
|
page readonly
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
567D000
|
trusted library allocation
|
page read and write
|
||
|
A7AE000
|
stack
|
page read and write
|
||
|
A46000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C0D000
|
stack
|
page read and write
|
||
|
7A40000
|
trusted library allocation
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
4219000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DA000
|
stack
|
page read and write
|
||
|
49B0000
|
heap
|
page read and write
|
||
|
6560000
|
heap
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
2BAB000
|
heap
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
30B6000
|
trusted library allocation
|
page read and write
|
||
|
1562000
|
trusted library allocation
|
page read and write
|
||
|
9F3E000
|
stack
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
656E000
|
heap
|
page read and write
|
||
|
39FE000
|
stack
|
page read and write
|
||
|
49E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
AADE000
|
stack
|
page read and write
|
||
|
AFC000
|
stack
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
5810000
|
trusted library section
|
page readonly
|
||
|
2EAF000
|
stack
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page read and write
|
||
|
F19000
|
stack
|
page read and write
|
||
|
A99C000
|
stack
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
6ACE000
|
heap
|
page read and write
|
||
|
4239000
|
trusted library allocation
|
page read and write
|
||
|
242E000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
4F8000
|
stack
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
154D000
|
trusted library allocation
|
page execute and read and write
|
||
|
135000
|
unkown
|
page readonly
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
32FC000
|
trusted library allocation
|
page read and write
|
||
|
1041000
|
heap
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ABF000
|
stack
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
77AF000
|
stack
|
page read and write
|
||
|
3499000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
trusted library section
|
page read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
2300000
|
heap
|
page execute and read and write
|
||
|
73C000
|
stack
|
page read and write
|
||
|
4570000
|
trusted library allocation
|
page read and write
|
||
|
156B000
|
trusted library allocation
|
page execute and read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
6A50000
|
heap
|
page read and write
|
||
|
2D3B000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
7AFE000
|
stack
|
page read and write
|
||
|
3491000
|
trusted library allocation
|
page read and write
|
||
|
A52000
|
trusted library allocation
|
page read and write
|
||
|
22D0000
|
trusted library allocation
|
page read and write
|
||
|
2410000
|
trusted library allocation
|
page read and write
|
||
|
57D1000
|
trusted library allocation
|
page read and write
|
||
|
4498000
|
trusted library allocation
|
page read and write
|
||
|
2A0F000
|
unkown
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
A1AB000
|
stack
|
page read and write
|
||
|
4A90000
|
trusted library section
|
page readonly
|
||
|
4980000
|
trusted library allocation
|
page read and write
|
||
|
1062000
|
heap
|
page read and write
|
||
|
7175000
|
trusted library allocation
|
page read and write
|
||
|
13C1000
|
heap
|
page read and write
|
||
|
2480000
|
heap
|
page read and write
|
||
|
A33000
|
trusted library allocation
|
page read and write
|
||
|
6A1E000
|
stack
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
73C0000
|
heap
|
page read and write
|
||
|
13F8000
|
heap
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
77B0000
|
heap
|
page read and write
|
||
|
76BE000
|
stack
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
AC1E000
|
stack
|
page read and write
|
||
|
479F000
|
trusted library allocation
|
page read and write
|
||
|
7A8E000
|
stack
|
page read and write
|
||
|
6ABA000
|
heap
|
page read and write
|
||
|
4C30000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
A57000
|
trusted library allocation
|
page execute and read and write
|
||
|
A2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
28FD000
|
stack
|
page read and write
|
||
|
A4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC7000
|
heap
|
page read and write
|
||
|
711D000
|
stack
|
page read and write
|
||
|
7E7000
|
heap
|
page read and write
|
||
|
30B4000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
4A80000
|
heap
|
page read and write
|
||
|
1362000
|
heap
|
page read and write
|
||
|
1567000
|
trusted library allocation
|
page execute and read and write
|
||
|
581F000
|
trusted library section
|
page readonly
|
||
|
6A96000
|
heap
|
page read and write
|
||
|
50000
|
unkown
|
page readonly
|
||
|
5C10000
|
heap
|
page read and write
|
||
|
4A01000
|
trusted library allocation
|
page read and write
|
||
|
566E000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
153D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2450000
|
trusted library allocation
|
page read and write
|
||
|
7E8E000
|
stack
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
43EE000
|
trusted library allocation
|
page read and write
|
||
|
462C000
|
stack
|
page read and write
|
||
|
FFB000
|
stack
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
44B5000
|
trusted library allocation
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
73B0000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
34B9000
|
trusted library allocation
|
page read and write
|
||
|
67DE000
|
stack
|
page read and write
|
||
|
132E000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
46E5000
|
trusted library allocation
|
page read and write
|
||
|
7F740000
|
trusted library allocation
|
page execute and read and write
|
||
|
2431000
|
trusted library allocation
|
page read and write
|
||
|
A3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7170000
|
trusted library allocation
|
page read and write
|
||
|
A12F000
|
stack
|
page read and write
|
||
|
F8F000
|
stack
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
7A00000
|
trusted library allocation
|
page read and write
|
||
|
77D5000
|
heap
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
130000
|
unkown
|
page readonly
|
||
|
240E000
|
stack
|
page read and write
|
||
|
31CF000
|
stack
|
page read and write
|
||
|
7A95000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
6A7B000
|
heap
|
page read and write
|
||
|
A9DE000
|
stack
|
page read and write
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
7E4E000
|
stack
|
page read and write
|
||
|
366E000
|
trusted library allocation
|
page read and write
|
||
|
2EEF000
|
stack
|
page read and write
|
||
|
1556000
|
trusted library allocation
|
page execute and read and write
|
||
|
106F000
|
heap
|
page read and write
|
||
|
A2AC000
|
stack
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
7050000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
462A000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
5690000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
7C00000
|
heap
|
page read and write
|
||
|
B2C000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
FFD000
|
stack
|
page read and write
|
||
|
79F0000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
trusted library section
|
page read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
52000
|
unkown
|
page readonly
|
||
|
13AE000
|
heap
|
page read and write
|
||
|
77BE000
|
stack
|
page read and write
|
||
|
73BE000
|
heap
|
page read and write
|
||
|
49F0000
|
heap
|
page read and write
|
||
|
5DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
9D9E000
|
stack
|
page read and write
|
There are 343 hidden memdumps, click here to show them.