Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ORDER-7019-2024.js
|
ASCII text, with very long lines (7391), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\don701[1].exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\MUGKZA.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\ORDER-7019-2024.js"
|
|
|
|
C:\Users\user\AppData\Local\Temp\MUGKZA.exe
|
"C:\Users\user\AppData\Local\Temp\MUGKZA.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\MUGKZA.exe
|
"C:\Users\user\AppData\Local\Temp\MUGKZA.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://192.210.215.11/zoom/don701.exe
|
192.210.215.11
|
|
|
|
http://crl.pki.goog/gsr1/gsr1.crl0;
|
unknown
|
||
|
http://o.pki.goog/wr20%
|
unknown
|
||
|
http://192.210.215.11/zoom/don701.exeni%;
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://c.pki.goog/r/r1.crl0
|
unknown
|
||
|
http://i.pki.goog/r1.crt0
|
unknown
|
||
|
http://c.pki.goog/wr2/GSyT1N4PBrg.crl0
|
unknown
|
||
|
http://pki.goog/gsr1/gsr1.crt02
|
unknown
|
||
|
http://o.pki.goog3
|
unknown
|
||
|
http://smtp.gmail.com
|
unknown
|
||
|
http://i.pki.goog/wr2.crt0
|
unknown
|
||
|
https://support.google.com/a/answer/166852
|
unknown
|
||
|
http://192.210.215.11/zoom/don701.exe4
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
smtp.gmail.com
|
142.251.168.109
|
||
|
206.23.85.13.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.210.215.11
|
unknown
|
United States
|
|
|
|
74.125.206.108
|
unknown
|
United States
|
||
|
173.194.76.109
|
unknown
|
United States
|
||
|
142.251.168.109
|
smtp.gmail.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
39A9000
|
trusted library allocation
|
page read and write
|
|
|
|
2664DFDD000
|
heap
|
page read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
2664DFF0000
|
heap
|
page read and write
|
||
|
4EB5000
|
heap
|
page read and write
|
||
|
2664C33B000
|
heap
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page execute and read and write
|
||
|
2664C172000
|
heap
|
page read and write
|
||
|
2664C33E000
|
heap
|
page read and write
|
||
|
2664EBB0000
|
heap
|
page read and write
|
||
|
2664C172000
|
heap
|
page read and write
|
||
|
2664C33C000
|
heap
|
page read and write
|
||
|
5E1E000
|
stack
|
page read and write
|
||
|
2664DF2D000
|
heap
|
page read and write
|
||
|
4A9E000
|
stack
|
page read and write
|
||
|
AF402FE000
|
stack
|
page read and write
|
||
|
6120000
|
heap
|
page read and write
|
||
|
988000
|
stack
|
page read and write
|
||
|
D7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF3FCFE000
|
stack
|
page read and write
|
||
|
BF9000
|
heap
|
page read and write
|
||
|
4DBE000
|
trusted library allocation
|
page read and write
|
||
|
2664DF75000
|
heap
|
page read and write
|
||
|
651E000
|
stack
|
page read and write
|
||
|
39CC000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
2664DF4F000
|
heap
|
page read and write
|
||
|
2A2A000
|
trusted library allocation
|
page read and write
|
||
|
2965000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
2664E608000
|
heap
|
page read and write
|
||
|
6124000
|
heap
|
page read and write
|
||
|
D74000
|
trusted library allocation
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
C47000
|
heap
|
page read and write
|
||
|
2664DF98000
|
heap
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
504F000
|
stack
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
2664C060000
|
heap
|
page read and write
|
||
|
2664C1A3000
|
heap
|
page read and write
|
||
|
2664E2E0000
|
heap
|
page read and write
|
||
|
2664DF63000
|
heap
|
page read and write
|
||
|
A8A000
|
heap
|
page read and write
|
||
|
2664E007000
|
heap
|
page read and write
|
||
|
2664C19A000
|
heap
|
page read and write
|
||
|
AF3F9FD000
|
stack
|
page read and write
|
||
|
AF3FDFE000
|
stack
|
page read and write
|
||
|
4DD2000
|
trusted library allocation
|
page read and write
|
||
|
2664E614000
|
heap
|
page read and write
|
||
|
2664E677000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
440000
|
remote allocation
|
page execute and read and write
|
||
|
2664DF65000
|
heap
|
page read and write
|
||
|
2664ED12000
|
heap
|
page read and write
|
||
|
2664C151000
|
heap
|
page read and write
|
||
|
5DDE000
|
stack
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
2664E7B0000
|
trusted library allocation
|
page read and write
|
||
|
2664DFFC000
|
heap
|
page read and write
|
||
|
39A5000
|
trusted library allocation
|
page read and write
|
||
|
2664E687000
|
heap
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
F3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2990000
|
heap
|
page execute and read and write
|
||
|
2664DF3A000
|
heap
|
page read and write
|
||
|
2664DF98000
|
heap
|
page read and write
|
||
|
2AB4000
|
trusted library allocation
|
page read and write
|
||
|
2664C335000
|
heap
|
page read and write
|
||
|
2664DFFA000
|
heap
|
page read and write
|
||
|
2664C050000
|
heap
|
page read and write
|
||
|
552000
|
unkown
|
page readonly
|
||
|
954E000
|
stack
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page read and write
|
||
|
635C000
|
stack
|
page read and write
|
||
|
29A1000
|
trusted library allocation
|
page read and write
|
||
|
D2D000
|
stack
|
page read and write
|
||
|
2664DF75000
|
heap
|
page read and write
|
||
|
978E000
|
stack
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
2664DF47000
|
heap
|
page read and write
|
||
|
4E60000
|
heap
|
page execute and read and write
|
||
|
9860000
|
heap
|
page read and write
|
||
|
2664DF98000
|
heap
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
2664DFA9000
|
heap
|
page read and write
|
||
|
2664DFDE000
|
heap
|
page read and write
|
||
|
2664C15C000
|
heap
|
page read and write
|
||
|
4A1E000
|
stack
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
792E000
|
trusted library allocation
|
page read and write
|
||
|
F47000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
2664E5A0000
|
heap
|
page read and write
|
||
|
2664DF38000
|
heap
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
BAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6660000
|
trusted library allocation
|
page execute and read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
2664DFFC000
|
heap
|
page read and write
|
||
|
F32000
|
trusted library allocation
|
page read and write
|
||
|
2664C161000
|
heap
|
page read and write
|
||
|
4D60000
|
heap
|
page read and write
|
||
|
7926000
|
trusted library allocation
|
page read and write
|
||
|
104C000
|
stack
|
page read and write
|
||
|
2935000
|
trusted library allocation
|
page read and write
|
||
|
39A1000
|
trusted library allocation
|
page read and write
|
||
|
2A64000
|
trusted library allocation
|
page read and write
|
||
|
2664C1A8000
|
heap
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
39ED000
|
trusted library allocation
|
page read and write
|
||
|
2664C19A000
|
heap
|
page read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
AF3F8F4000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
4F30000
|
trusted library section
|
page read and write
|
||
|
2AF3000
|
trusted library allocation
|
page read and write
|
||
|
2664C174000
|
heap
|
page read and write
|
||
|
2664C080000
|
heap
|
page read and write
|
||
|
2664DF75000
|
heap
|
page read and write
|
||
|
F48000
|
trusted library allocation
|
page read and write
|
||
|
2664DF40000
|
heap
|
page read and write
|
||
|
68A0000
|
heap
|
page read and write
|
||
|
2664E612000
|
heap
|
page read and write
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
2664DFBA000
|
heap
|
page read and write
|
||
|
2664DF47000
|
heap
|
page read and write
|
||
|
5BBA000
|
heap
|
page read and write
|
||
|
AF3FFFE000
|
stack
|
page read and write
|
||
|
2664DF38000
|
heap
|
page read and write
|
||
|
5AFE000
|
stack
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
2664E609000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
6A50000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
2664DF51000
|
heap
|
page read and write
|
||
|
398C000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
B94000
|
trusted library allocation
|
page read and write
|
||
|
2664DFFA000
|
heap
|
page read and write
|
||
|
5B80000
|
heap
|
page read and write
|
||
|
2664DF25000
|
heap
|
page read and write
|
||
|
2906000
|
trusted library allocation
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
2947000
|
trusted library allocation
|
page read and write
|
||
|
7929000
|
trusted library allocation
|
page read and write
|
||
|
2664E619000
|
heap
|
page read and write
|
||
|
F36000
|
trusted library allocation
|
page execute and read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
2921000
|
trusted library allocation
|
page read and write
|
||
|
4DCD000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
957000
|
stack
|
page read and write
|
||
|
6890000
|
heap
|
page read and write
|
||
|
2664DF95000
|
heap
|
page read and write
|
||
|
2664DF6D000
|
heap
|
page read and write
|
||
|
2664DF5E000
|
heap
|
page read and write
|
||
|
DB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E70000
|
trusted library section
|
page read and write
|
||
|
85B000
|
stack
|
page read and write
|
||
|
F42000
|
trusted library allocation
|
page read and write
|
||
|
9858000
|
heap
|
page read and write
|
||
|
88A000
|
stack
|
page read and write
|
||
|
2664DF6B000
|
heap
|
page read and write
|
||
|
2664C19A000
|
heap
|
page read and write
|
||
|
2664DF3A000
|
heap
|
page read and write
|
||
|
2A5E000
|
trusted library allocation
|
page read and write
|
||
|
2914000
|
trusted library allocation
|
page read and write
|
||
|
AF3FEFF000
|
stack
|
page read and write
|
||
|
509C000
|
stack
|
page read and write
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
2664E695000
|
heap
|
page read and write
|
||
|
2664C19E000
|
heap
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
2664DF26000
|
heap
|
page read and write
|
||
|
2664DFF6000
|
heap
|
page read and write
|
||
|
5B3E000
|
stack
|
page read and write
|
||
|
2664E5F3000
|
heap
|
page read and write
|
||
|
2664C156000
|
heap
|
page read and write
|
||
|
2664DF32000
|
heap
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page execute and read and write
|
||
|
2664C172000
|
heap
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
2664DF97000
|
heap
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
BFF000
|
heap
|
page read and write
|
||
|
B93000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF401FE000
|
stack
|
page read and write
|
||
|
4DB2000
|
trusted library allocation
|
page read and write
|
||
|
2AE6000
|
trusted library allocation
|
page read and write
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
2664DFF2000
|
heap
|
page read and write
|
||
|
2664DFEB000
|
heap
|
page read and write
|
||
|
DBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
655C000
|
stack
|
page read and write
|
||
|
66A0000
|
heap
|
page read and write
|
||
|
2664E695000
|
heap
|
page read and write
|
||
|
6892000
|
heap
|
page read and write
|
||
|
2728000
|
trusted library allocation
|
page read and write
|
||
|
2AEA000
|
trusted library allocation
|
page read and write
|
||
|
2664E679000
|
heap
|
page read and write
|
||
|
2664ED30000
|
heap
|
page read and write
|
||
|
291D000
|
stack
|
page read and write
|
||
|
2664E611000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
2664C33E000
|
heap
|
page read and write
|
||
|
2664DFAB000
|
heap
|
page read and write
|
||
|
2664C1AF000
|
heap
|
page read and write
|
||
|
29D5000
|
trusted library allocation
|
page read and write
|
||
|
2664E687000
|
heap
|
page read and write
|
||
|
A4B000
|
stack
|
page read and write
|
||
|
2664DFF0000
|
heap
|
page read and write
|
||
|
2664C15E000
|
heap
|
page read and write
|
||
|
5E30000
|
trusted library allocation
|
page read and write
|
||
|
4E94000
|
heap
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
550000
|
unkown
|
page readonly
|
||
|
2664DF5B000
|
heap
|
page read and write
|
||
|
EDF000
|
stack
|
page read and write
|
||
|
2664ECE5000
|
heap
|
page read and write
|
||
|
5FDE000
|
stack
|
page read and write
|
||
|
4E4C000
|
stack
|
page read and write
|
||
|
2664DF52000
|
heap
|
page read and write
|
||
|
66C0000
|
heap
|
page read and write
|
||
|
944E000
|
stack
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
2664DF5D000
|
heap
|
page read and write
|
||
|
2664DF52000
|
heap
|
page read and write
|
||
|
3941000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
271E000
|
stack
|
page read and write
|
||
|
5D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
894F000
|
stack
|
page read and write
|
||
|
2664DFE1000
|
heap
|
page read and write
|
||
|
2664DF35000
|
heap
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
2664DFBC000
|
heap
|
page read and write
|
||
|
514E000
|
stack
|
page read and write
|
||
|
7F220000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A0D000
|
trusted library allocation
|
page read and write
|
||
|
BE7000
|
heap
|
page read and write
|
||
|
2664DFA0000
|
heap
|
page read and write
|
||
|
2664C112000
|
heap
|
page read and write
|
||
|
6A0E000
|
stack
|
page read and write
|
||
|
C52000
|
heap
|
page read and write
|
||
|
2664DF72000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
2664DF74000
|
heap
|
page read and write
|
||
|
5D4D000
|
stack
|
page read and write
|
||
|
2664DF47000
|
heap
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
2664ECB0000
|
heap
|
page read and write
|
||
|
2664DFDD000
|
heap
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
2664DFF0000
|
heap
|
page read and write
|
||
|
2664DFFA000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
27FC000
|
stack
|
page read and write
|
||
|
2664E030000
|
heap
|
page read and write
|
||
|
2664C162000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
6162000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
2664C120000
|
heap
|
page read and write
|
||
|
2664DF98000
|
heap
|
page read and write
|
||
|
974E000
|
stack
|
page read and write
|
||
|
2664E3B0000
|
heap
|
page read and write
|
||
|
5BB0000
|
heap
|
page read and write
|
||
|
528E000
|
stack
|
page read and write
|
||
|
4DC6000
|
trusted library allocation
|
page read and write
|
||
|
2664E695000
|
heap
|
page read and write
|
||
|
2664DBD0000
|
heap
|
page read and write
|
||
|
2664C33E000
|
heap
|
page read and write
|
||
|
3931000
|
trusted library allocation
|
page read and write
|
||
|
5417000
|
trusted library allocation
|
page read and write
|
||
|
C6F000
|
heap
|
page read and write
|
||
|
AF3FAFE000
|
stack
|
page read and write
|
||
|
66B0000
|
trusted library allocation
|
page read and write
|
||
|
2664C0EF000
|
heap
|
page read and write
|
||
|
2664E1E0000
|
heap
|
page read and write
|
||
|
2664C151000
|
heap
|
page read and write
|
||
|
2664C339000
|
heap
|
page read and write
|
||
|
665C000
|
stack
|
page read and write
|
||
|
2664DFEB000
|
heap
|
page read and write
|
||
|
2664C1A0000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
3949000
|
trusted library allocation
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
trusted library allocation
|
page read and write
|
||
|
F2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
964E000
|
stack
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
2664E5B0000
|
heap
|
page read and write
|
||
|
5CBD000
|
stack
|
page read and write
|
||
|
2664C1AA000
|
heap
|
page read and write
|
||
|
2AEE000
|
trusted library allocation
|
page read and write
|
||
|
260D000
|
stack
|
page read and write
|
||
|
2BA1000
|
trusted library allocation
|
page read and write
|
||
|
2664C15D000
|
heap
|
page read and write
|
||
|
2664DFE2000
|
heap
|
page read and write
|
||
|
BB8000
|
heap
|
page read and write
|
||
|
2664C15F000
|
heap
|
page read and write
|
||
|
2A22000
|
trusted library allocation
|
page read and write
|
||
|
2664DF6E000
|
heap
|
page read and write
|
||
|
2A4E000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page execute and read and write
|
||
|
2664DFA0000
|
heap
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
2A4A000
|
trusted library allocation
|
page read and write
|
||
|
BA4000
|
trusted library allocation
|
page read and write
|
||
|
639E000
|
stack
|
page read and write
|
||
|
2664DF3F000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
AF404FB000
|
stack
|
page read and write
|
||
|
2664DFA2000
|
heap
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
2664C330000
|
heap
|
page read and write
|
||
|
4DE4000
|
trusted library allocation
|
page read and write
|
||
|
2664DFDD000
|
heap
|
page read and write
|
||
|
2664DF37000
|
heap
|
page read and write
|
||
|
2664C1B4000
|
heap
|
page read and write
|
||
|
2664DF30000
|
heap
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
2664DF47000
|
heap
|
page read and write
|
||
|
25CE000
|
stack
|
page read and write
|
||
|
DCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2664DF4D000
|
heap
|
page read and write
|
||
|
DC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E20000
|
heap
|
page execute and read and write
|
||
|
625B000
|
stack
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
2664DFCB000
|
heap
|
page read and write
|
||
|
2664C151000
|
heap
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
2664C156000
|
heap
|
page read and write
|
||
|
DAF000
|
stack
|
page read and write
|
||
|
2664E5D1000
|
heap
|
page read and write
|
||
|
2A62000
|
trusted library allocation
|
page read and write
|
||
|
2664C19B000
|
heap
|
page read and write
|
||
|
2664DF5C000
|
heap
|
page read and write
|
||
|
2A3D000
|
trusted library allocation
|
page read and write
|
||
|
2664DF2B000
|
heap
|
page read and write
|
||
|
2664E7A0000
|
heap
|
page read and write
|
||
|
2664ED14000
|
heap
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
2664DFEF000
|
heap
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
4DAE000
|
trusted library allocation
|
page read and write
|
||
|
4DAB000
|
trusted library allocation
|
page read and write
|
||
|
2664E67A000
|
heap
|
page read and write
|
||
|
6A40000
|
heap
|
page read and write
|
||
|
290B000
|
trusted library allocation
|
page read and write
|
||
|
2664DF22000
|
heap
|
page read and write
|
||
|
53BC000
|
stack
|
page read and write
|
||
|
2664E677000
|
heap
|
page read and write
|
||
|
2664C100000
|
heap
|
page read and write
|
||
|
A54E000
|
stack
|
page read and write
|
||
|
2664DF99000
|
heap
|
page read and write
|
||
|
2664DFE6000
|
heap
|
page read and write
|
||
|
2986000
|
trusted library allocation
|
page read and write
|
||
|
2664E5D7000
|
heap
|
page read and write
|
||
|
2664DF77000
|
heap
|
page read and write
|
||
|
291E000
|
trusted library allocation
|
page read and write
|
||
|
2664ED13000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2664DF52000
|
heap
|
page read and write
|
||
|
5424000
|
trusted library allocation
|
page read and write
|
||
|
2664DF48000
|
heap
|
page read and write
|
||
|
2664C174000
|
heap
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page execute and read and write
|
||
|
2664DFBA000
|
heap
|
page read and write
|
||
|
2664DF2A000
|
heap
|
page read and write
|
||
|
2940000
|
trusted library allocation
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
BF4000
|
heap
|
page read and write
|
||
|
66F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
2664DF20000
|
heap
|
page read and write
|
||
|
2664DFEB000
|
heap
|
page read and write
|
||
|
2664C172000
|
heap
|
page read and write
|
||
|
5A0000
|
unkown
|
page readonly
|
||
|
2664C19A000
|
heap
|
page read and write
|
||
|
552000
|
unkown
|
page execute and read and write
|
||
|
2664DF2F000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
2664C156000
|
heap
|
page read and write
|
||
|
2AF7000
|
trusted library allocation
|
page read and write
|
||
|
97CE000
|
stack
|
page read and write
|
||
|
AA4E000
|
stack
|
page read and write
|
||
|
BFD000
|
heap
|
page read and write
|
||
|
2664DFEE000
|
heap
|
page read and write
|
||
|
2664C0EE000
|
heap
|
page read and write
|
||
|
F4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2664DF5B000
|
heap
|
page read and write
|
||
|
5E26000
|
trusted library allocation
|
page read and write
|
||
|
9868000
|
heap
|
page read and write
|
||
|
2664C19A000
|
heap
|
page read and write
|
||
|
53CE000
|
stack
|
page read and write
|
||
|
B9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2921000
|
trusted library allocation
|
page read and write
|
||
|
2664E006000
|
heap
|
page read and write
|
||
|
9850000
|
heap
|
page read and write
|
||
|
2664C174000
|
heap
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
2959000
|
trusted library allocation
|
page read and write
|
||
|
2664C33E000
|
heap
|
page read and write
|
||
|
2BE5000
|
trusted library allocation
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
F77000
|
heap
|
page read and write
|
||
|
2664C0C0000
|
heap
|
page read and write
|
||
|
AF400FB000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
3A2D000
|
trusted library allocation
|
page read and write
|
||
|
2664DFEE000
|
heap
|
page read and write
|
||
|
2664E0F5000
|
heap
|
page read and write
|
||
|
5E20000
|
trusted library allocation
|
page read and write
|
||
|
28FE000
|
stack
|
page read and write
|
||
|
2A46000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
2664C15D000
|
heap
|
page read and write
|
||
|
2664E5D9000
|
heap
|
page read and write
|
||
|
3921000
|
trusted library allocation
|
page read and write
|
||
|
2664E5F3000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
2664C19A000
|
heap
|
page read and write
|
||
|
D87000
|
heap
|
page read and write
|
||
|
2664E0F0000
|
heap
|
page read and write
|
||
|
2664E687000
|
heap
|
page read and write
|
||
|
D73000
|
trusted library allocation
|
page execute and read and write
|
||
|
2664DF42000
|
heap
|
page read and write
|
||
|
2664C174000
|
heap
|
page read and write
|
||
|
5CFE000
|
stack
|
page read and write
|
There are 447 hidden memdumps, click here to show them.