Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
iWJawitjEV.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\iWJawitjEV.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\iWJawitjEV.exe
|
"C:\Users\user\Desktop\iWJawitjEV.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7756 -s 80
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
https://www.sysinternals.com0
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 17 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
196.65.173.92
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
196.65.173.92
|
doddyfire.linkpc.net
|
Morocco
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2E11000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
A0E000
|
unkown
|
page read and write
|
||
|
142A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
3161000
|
trusted library allocation
|
page read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
1644000
|
heap
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
13EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DEE000
|
heap
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
6A02000
|
trusted library allocation
|
page read and write
|
||
|
B3E000
|
heap
|
page read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page execute and read and write
|
||
|
13E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CC0000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
3DC000
|
stack
|
page read and write
|
||
|
10C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1107000
|
trusted library allocation
|
page execute and read and write
|
||
|
A87000
|
heap
|
page read and write
|
||
|
1437000
|
trusted library allocation
|
page execute and read and write
|
||
|
56D0000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
1567000
|
trusted library allocation
|
page execute and read and write
|
||
|
AAB000
|
stack
|
page read and write
|
||
|
10C8000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
582A000
|
heap
|
page read and write
|
||
|
3168000
|
trusted library allocation
|
page read and write
|
||
|
4F4E000
|
heap
|
page read and write
|
||
|
154F000
|
stack
|
page read and write
|
||
|
B3E000
|
heap
|
page read and write
|
||
|
B3F000
|
heap
|
page read and write
|
||
|
1052000
|
trusted library allocation
|
page execute and read and write
|
||
|
584E000
|
heap
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
156A000
|
trusted library allocation
|
page execute and read and write
|
||
|
EE5000
|
heap
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
5A3C000
|
stack
|
page read and write
|
||
|
AC3000
|
heap
|
page read and write
|
||
|
6E5E000
|
stack
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page execute and read and write
|
||
|
52BE000
|
stack
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
AA8000
|
heap
|
page read and write
|
||
|
1104000
|
heap
|
page read and write
|
||
|
105A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1044000
|
heap
|
page read and write
|
||
|
50BC000
|
stack
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
30D1000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
12BF000
|
stack
|
page read and write
|
||
|
ABC000
|
heap
|
page read and write
|
||
|
1618000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
B48000
|
heap
|
page read and write
|
||
|
B4B000
|
heap
|
page read and write
|
||
|
AC5000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
140A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B96000
|
stack
|
page read and write
|
||
|
155A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1166000
|
heap
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
B23000
|
heap
|
page read and write
|
||
|
56B000
|
stack
|
page read and write
|
||
|
5850000
|
heap
|
page read and write
|
||
|
B23000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
5575000
|
heap
|
page read and write
|
||
|
169B000
|
heap
|
page read and write
|
||
|
ACF000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
2D81000
|
trusted library allocation
|
page read and write
|
||
|
57FD000
|
stack
|
page read and write
|
||
|
A9B000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
10CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
40D1000
|
trusted library allocation
|
page read and write
|
||
|
889E000
|
stack
|
page read and write
|
||
|
F3A000
|
stack
|
page read and write
|
||
|
AA2000
|
heap
|
page read and write
|
||
|
4F4E000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
899E000
|
stack
|
page read and write
|
||
|
89DE000
|
stack
|
page read and write
|
||
|
D3A000
|
heap
|
page read and write
|
||
|
D6F000
|
heap
|
page read and write
|
||
|
4F41000
|
heap
|
page read and write
|
||
|
DC9000
|
heap
|
page read and write
|
||
|
143A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
1347000
|
trusted library allocation
|
page execute and read and write
|
||
|
AA8000
|
heap
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
105C000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F42000
|
heap
|
page read and write
|
||
|
1197000
|
heap
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
AD8000
|
heap
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
A9A000
|
stack
|
page read and write
|
||
|
1562000
|
trusted library allocation
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
AC4000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
155C000
|
trusted library allocation
|
page execute and read and write
|
||
|
5373000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
307B000
|
trusted library allocation
|
page read and write
|
||
|
A8F000
|
heap
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
8D6F000
|
stack
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
AD8000
|
heap
|
page read and write
|
||
|
ABC000
|
heap
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
167E000
|
heap
|
page read and write
|
||
|
3602000
|
trusted library allocation
|
page read and write
|
||
|
B99000
|
stack
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
8C1C000
|
stack
|
page read and write
|
||
|
10B4000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
3041000
|
trusted library allocation
|
page read and write
|
||
|
4044000
|
trusted library allocation
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
10DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
AD1000
|
heap
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
10CE000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
AD1000
|
heap
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page execute and read and write
|
||
|
527C000
|
stack
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
ACE000
|
heap
|
page read and write
|
||
|
309F000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
3561000
|
trusted library allocation
|
page read and write
|
||
|
C4F000
|
unkown
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
1047000
|
heap
|
page read and write
|
||
|
B44000
|
heap
|
page read and write
|
||
|
103F000
|
stack
|
page read and write
|
||
|
109D000
|
stack
|
page read and write
|
||
|
ACB000
|
heap
|
page read and write
|
||
|
159B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B40000
|
heap
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
B45000
|
heap
|
page read and write
|
||
|
69BE000
|
stack
|
page read and write
|
||
|
143B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
6CE9000
|
heap
|
page read and write
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
B49000
|
heap
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page execute and read and write
|
||
|
130F000
|
stack
|
page read and write
|
||
|
106A000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
1824000
|
heap
|
page read and write
|
||
|
6DE0000
|
heap
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
17CE000
|
stack
|
page read and write
|
||
|
FF2000
|
trusted library allocation
|
page execute and read and write
|
||
|
B4B000
|
heap
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
1074000
|
heap
|
page read and write
|
||
|
E95000
|
heap
|
page read and write
|
||
|
58C3000
|
heap
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
4F59000
|
heap
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
1067000
|
trusted library allocation
|
page execute and read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
178C000
|
stack
|
page read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
A9A000
|
heap
|
page read and write
|
||
|
4F41000
|
heap
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page execute and read and write
|
||
|
1432000
|
trusted library allocation
|
page execute and read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
10EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
3FE1000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
8C6E000
|
stack
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
35F1000
|
trusted library allocation
|
page read and write
|
||
|
5823000
|
heap
|
page read and write
|
||
|
1820000
|
heap
|
page read and write
|
||
|
5B3D000
|
stack
|
page read and write
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
A5A000
|
heap
|
page read and write
|
||
|
16A8000
|
heap
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
6CD0000
|
heap
|
page read and write
|
||
|
AD5000
|
heap
|
page read and write
|
||
|
ACD000
|
heap
|
page read and write
|
||
|
1332000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD8000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
B01000
|
heap
|
page read and write
|
||
|
1087000
|
trusted library allocation
|
page execute and read and write
|
||
|
1681000
|
heap
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
1316000
|
trusted library allocation
|
page execute and read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
110B000
|
trusted library allocation
|
page execute and read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
5339000
|
stack
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page execute and read and write
|
||
|
52FE000
|
stack
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
DA9000
|
heap
|
page read and write
|
||
|
AD8000
|
heap
|
page read and write
|
||
|
73DE000
|
stack
|
page read and write
|
||
|
528B000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
8F4000
|
stack
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
4F4E000
|
heap
|
page read and write
|
||
|
17E0000
|
heap
|
page execute and read and write
|
||
|
13F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
885F000
|
stack
|
page read and write
|
||
|
7EA000
|
stack
|
page read and write
|
||
|
58B0000
|
trusted library section
|
page readonly
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
1059000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
B8A000
|
stack
|
page read and write
|
||
|
112C000
|
stack
|
page read and write
|
||
|
10FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
ABD000
|
heap
|
page read and write
|
||
|
1139000
|
heap
|
page read and write
|
||
|
4F4F000
|
heap
|
page read and write
|
||
|
107A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4007000
|
trusted library allocation
|
page read and write
|
||
|
5890000
|
heap
|
page read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
13FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
1422000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD1000
|
heap
|
page read and write
|
||
|
A83000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page execute and read and write
|
||
|
13FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
315E000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
heap
|
page execute and read and write
|
||
|
113D000
|
heap
|
page read and write
|
||
|
71DF000
|
stack
|
page read and write
|
||
|
A82000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
FB8000
|
heap
|
page read and write
|
||
|
17F0000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
unclassified section
|
page read and write
|
||
|
AA8000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
192E000
|
stack
|
page read and write
|
||
|
56E0000
|
trusted library section
|
page read and write
|
||
|
551E000
|
stack
|
page read and write
|
||
|
B23000
|
heap
|
page read and write
|
||
|
DA5000
|
heap
|
page read and write
|
||
|
1177000
|
heap
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
14DE000
|
stack
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
5294000
|
trusted library section
|
page readonly
|
||
|
72D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1414000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
A85000
|
heap
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
152F000
|
trusted library allocation
|
page read and write
|
||
|
33A8000
|
trusted library allocation
|
page read and write
|
||
|
AE2000
|
unkown
|
page readonly
|
||
|
196E000
|
stack
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
1312000
|
trusted library allocation
|
page execute and read and write
|
||
|
A9D000
|
heap
|
page read and write
|
||
|
4041000
|
trusted library allocation
|
page read and write
|
||
|
AD5000
|
heap
|
page read and write
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
5B50000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
57FE000
|
stack
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
1970000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
6680000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
AD9000
|
heap
|
page read and write
|
||
|
3035000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page execute and read and write
|
||
|
DAD000
|
heap
|
page read and write
|
||
|
B3E000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
6DE0000
|
trusted library allocation
|
page read and write
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
4561000
|
trusted library allocation
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
52FC000
|
stack
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
70DE000
|
stack
|
page read and write
|
||
|
1597000
|
trusted library allocation
|
page execute and read and write
|
||
|
5695000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
AA3000
|
heap
|
page read and write
|
||
|
151E000
|
stack
|
page read and write
|
||
|
A9F000
|
heap
|
page read and write
|
||
|
AD4000
|
heap
|
page read and write
|
||
|
B23000
|
heap
|
page read and write
|
||
|
AA1000
|
heap
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
AD1000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
B3E000
|
heap
|
page read and write
|
||
|
6C3E000
|
stack
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
59FE000
|
stack
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
6F9E000
|
stack
|
page read and write
|
||
|
1407000
|
trusted library allocation
|
page execute and read and write
|
||
|
AA2000
|
heap
|
page read and write
|
||
|
1552000
|
trusted library allocation
|
page execute and read and write
|
||
|
5895000
|
heap
|
page read and write
|
||
|
51BE000
|
stack
|
page read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
4F56000
|
heap
|
page read and write
|
||
|
10F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1042000
|
trusted library allocation
|
page execute and read and write
|
||
|
FFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
134B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F5F000
|
stack
|
page read and write
|
||
|
1540000
|
heap
|
page execute and read and write
|
||
|
3D81000
|
trusted library allocation
|
page read and write
|
||
|
2E0E000
|
trusted library allocation
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
5640000
|
trusted library section
|
page readonly
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
562B000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
4F4F000
|
heap
|
page read and write
|
||
|
157A000
|
trusted library allocation
|
page execute and read and write
|
||
|
DBF000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
B47000
|
heap
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
7F360000
|
trusted library allocation
|
page execute and read and write
|
||
|
108B000
|
trusted library allocation
|
page execute and read and write
|
||
|
120F000
|
stack
|
page read and write
|
||
|
8B1B000
|
stack
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1102000
|
trusted library allocation
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
8660000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
157E000
|
stack
|
page read and write
|
||
|
B4B000
|
heap
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
1049000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
539F000
|
stack
|
page read and write
|
||
|
1062000
|
trusted library allocation
|
page read and write
|
||
|
1402000
|
trusted library allocation
|
page read and write
|
||
|
4F4A000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
128F000
|
stack
|
page read and write
|
||
|
4ECF000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
AD9000
|
heap
|
page read and write
|
||
|
1151000
|
heap
|
page read and write
|
||
|
AD4000
|
heap
|
page read and write
|
||
|
712E000
|
stack
|
page read and write
|
||
|
ABE000
|
heap
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
B3E000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
3633000
|
trusted library allocation
|
page read and write
|
||
|
138E000
|
stack
|
page read and write
|
||
|
58B4000
|
trusted library section
|
page readonly
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
5AF0000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
A9B000
|
heap
|
page read and write
|
||
|
1072000
|
trusted library allocation
|
page execute and read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
AC3000
|
heap
|
page read and write
|
||
|
687F000
|
stack
|
page read and write
|
||
|
15DC000
|
stack
|
page read and write
|
||
|
BA6000
|
stack
|
page read and write
|
||
|
1572000
|
trusted library allocation
|
page execute and read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
B3E000
|
heap
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
56F3000
|
heap
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
104A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F4E000
|
heap
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
58A0000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
3058000
|
trusted library allocation
|
page read and write
|
||
|
1026000
|
heap
|
page read and write
|
||
|
ABC000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
AC2000
|
heap
|
page read and write
|
||
|
ABC000
|
heap
|
page read and write
|
||
|
554E000
|
stack
|
page read and write
|
||
|
69E0000
|
trusted library allocation
|
page read and write
|
||
|
AD6000
|
heap
|
page read and write
|
||
|
4F58000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
52BB000
|
stack
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
164E000
|
heap
|
page read and write
|
||
|
1800000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
5343000
|
heap
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
58C0000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
547D000
|
stack
|
page read and write
|
||
|
D3E000
|
heap
|
page read and write
|
||
|
1018000
|
heap
|
page read and write
|
||
|
875E000
|
stack
|
page read and write
|
||
|
4F1E000
|
stack
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
4F57000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
8ADE000
|
stack
|
page read and write
|
||
|
11AD000
|
heap
|
page read and write
|
||
|
AC5000
|
heap
|
page read and write
|
||
|
B23000
|
heap
|
page read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
5290000
|
trusted library section
|
page readonly
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
6CDE000
|
heap
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
72DE000
|
stack
|
page read and write
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
2FE1000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
668E000
|
heap
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
131C000
|
trusted library allocation
|
page execute and read and write
|
||
|
360F000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1012000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
B23000
|
heap
|
page read and write
|
||
|
10E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC2000
|
heap
|
page read and write
|
||
|
4FE8000
|
trusted library allocation
|
page read and write
|
There are 546 hidden memdumps, click here to show them.