Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
QUOTATION_JULQTRA071244#U00faPDF.scr.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\QUOTATION_JULQTRA071244#U00faPDF.scr.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\QUOTATION_JULQTRA071244#U00faPDF.scr.exe
|
"C:\Users\user\Desktop\QUOTATION_JULQTRA071244#U00faPDF.scr.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://filetransfer.io/data-package/mJcm5Gfa/download
|
188.114.97.3
|
||
|
https://filetransfer.iovi
|
unknown
|
||
|
http://filetransfer.io/data-package/mJcm5Gfa/download
|
188.114.97.3
|
||
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
https://github.com/mgravell/protobuf-net
|
unknown
|
||
|
https://s23.filetransfer.io/storage/download/vrZBY6VkA2Ae
|
188.114.97.3
|
||
|
http://filetransfer.io
|
unknown
|
||
|
https://s23.filetransfer.io
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
|
|
|
filetransfer.io
|
188.114.97.3
|
||
|
s23.filetransfer.io
|
188.114.97.3
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
188.114.97.3
|
filetransfer.io
|
European Union
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2DA9000
|
trusted library allocation
|
page read and write
|
|
|
|
3CF2000
|
trusted library allocation
|
page read and write
|
|
|
|
2D84000
|
trusted library allocation
|
page read and write
|
|
|
|
3A88000
|
trusted library allocation
|
page read and write
|
|
|
|
7510000
|
trusted library section
|
page read and write
|
|
|
|
46F2000
|
trusted library allocation
|
page read and write
|
|
|
|
2C5D000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
27E0000
|
trusted library section
|
page read and write
|
|
|
|
65E8000
|
trusted library allocation
|
page read and write
|
|
|
|
2AB0000
|
trusted library allocation
|
page read and write
|
|
|
|
79B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1303000
|
heap
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
77C0000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
79F0000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
5372000
|
trusted library allocation
|
page read and write
|
||
|
2FD7000
|
trusted library allocation
|
page read and write
|
||
|
2AD9000
|
trusted library allocation
|
page read and write
|
||
|
2F95000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
E6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
59BE000
|
stack
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
6610000
|
trusted library allocation
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page read and write
|
||
|
5392000
|
trusted library allocation
|
page read and write
|
||
|
3B41000
|
trusted library allocation
|
page read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
6270000
|
heap
|
page read and write
|
||
|
7970000
|
trusted library allocation
|
page read and write
|
||
|
626D000
|
heap
|
page read and write
|
||
|
2FF2000
|
trusted library allocation
|
page read and write
|
||
|
6160000
|
heap
|
page read and write
|
||
|
127A000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
BE7000
|
heap
|
page read and write
|
||
|
65E0000
|
trusted library allocation
|
page read and write
|
||
|
65D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
607E000
|
stack
|
page read and write
|
||
|
2F8E000
|
trusted library allocation
|
page read and write
|
||
|
E97000
|
heap
|
page read and write
|
||
|
2F58000
|
trusted library allocation
|
page read and write
|
||
|
2FFA000
|
trusted library allocation
|
page read and write
|
||
|
2D5B000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
64BE000
|
stack
|
page read and write
|
||
|
C71000
|
heap
|
page read and write
|
||
|
2FE1000
|
trusted library allocation
|
page read and write
|
||
|
2FD3000
|
trusted library allocation
|
page read and write
|
||
|
C97000
|
heap
|
page read and write
|
||
|
14DE000
|
stack
|
page read and write
|
||
|
3BC4000
|
trusted library allocation
|
page read and write
|
||
|
1536000
|
heap
|
page read and write
|
||
|
5ECD000
|
stack
|
page read and write
|
||
|
2B45000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
heap
|
page execute and read and write
|
||
|
6EB000
|
stack
|
page read and write
|
||
|
3013000
|
trusted library allocation
|
page read and write
|
||
|
2EB5000
|
trusted library allocation
|
page read and write
|
||
|
2F6E000
|
trusted library allocation
|
page read and write
|
||
|
53DC000
|
stack
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
77B5000
|
trusted library allocation
|
page read and write
|
||
|
778E000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
E67000
|
trusted library allocation
|
page execute and read and write
|
||
|
499D000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
73D2000
|
trusted library allocation
|
page read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F68000
|
trusted library allocation
|
page read and write
|
||
|
3A81000
|
trusted library allocation
|
page read and write
|
||
|
77EB000
|
trusted library allocation
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
552D000
|
stack
|
page read and write
|
||
|
3011000
|
trusted library allocation
|
page read and write
|
||
|
579D000
|
stack
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
63C1000
|
trusted library allocation
|
page read and write
|
||
|
6241000
|
heap
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
66DD000
|
stack
|
page read and write
|
||
|
6AEE000
|
stack
|
page read and write
|
||
|
79D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
7870000
|
trusted library allocation
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
12DB000
|
heap
|
page read and write
|
||
|
655000
|
unkown
|
page readonly
|
||
|
5CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A10000
|
trusted library allocation
|
page read and write
|
||
|
2F7C000
|
trusted library allocation
|
page read and write
|
||
|
2AFB000
|
trusted library allocation
|
page read and write
|
||
|
1443000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF4000
|
heap
|
page read and write
|
||
|
3EE8000
|
trusted library allocation
|
page read and write
|
||
|
68C0000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
7BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FFE000
|
stack
|
page read and write
|
||
|
2860000
|
trusted library allocation
|
page read and write
|
||
|
1472000
|
trusted library allocation
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
2FDF000
|
trusted library allocation
|
page read and write
|
||
|
6BEE000
|
stack
|
page read and write
|
||
|
2FAB000
|
trusted library allocation
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page read and write
|
||
|
8480000
|
heap
|
page read and write
|
||
|
6503000
|
heap
|
page read and write
|
||
|
1039000
|
heap
|
page read and write
|
||
|
5414000
|
heap
|
page read and write
|
||
|
2FD9000
|
trusted library allocation
|
page read and write
|
||
|
2FFC000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
292E000
|
stack
|
page read and write
|
||
|
2F79000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
147B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1444000
|
trusted library allocation
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
64CA000
|
heap
|
page read and write
|
||
|
592C000
|
stack
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
2EEF000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
1037000
|
heap
|
page read and write
|
||
|
6690000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
621B000
|
heap
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
2F92000
|
trusted library allocation
|
page read and write
|
||
|
671E000
|
stack
|
page read and write
|
||
|
E3A000
|
stack
|
page read and write
|
||
|
E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B7D000
|
stack
|
page read and write
|
||
|
130E000
|
heap
|
page read and write
|
||
|
2D40000
|
trusted library allocation
|
page read and write
|
||
|
2F86000
|
trusted library allocation
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
7940000
|
trusted library allocation
|
page read and write
|
||
|
2ADD000
|
trusted library allocation
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
7794000
|
trusted library allocation
|
page read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
C65000
|
heap
|
page read and write
|
||
|
2F3E000
|
trusted library allocation
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
7830000
|
trusted library allocation
|
page execute and read and write
|
||
|
618C000
|
heap
|
page read and write
|
||
|
561C000
|
stack
|
page read and write
|
||
|
501D000
|
stack
|
page read and write
|
||
|
597D000
|
stack
|
page read and write
|
||
|
126B000
|
heap
|
page read and write
|
||
|
C63000
|
heap
|
page read and write
|
||
|
3E89000
|
trusted library allocation
|
page read and write
|
||
|
6150000
|
heap
|
page read and write
|
||
|
660B000
|
trusted library allocation
|
page read and write
|
||
|
4FBE000
|
stack
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
6C2E000
|
stack
|
page read and write
|
||
|
5640000
|
trusted library allocation
|
page read and write
|
||
|
512E000
|
stack
|
page read and write
|
||
|
2EC6000
|
trusted library allocation
|
page read and write
|
||
|
77D1000
|
trusted library allocation
|
page read and write
|
||
|
8430000
|
trusted library allocation
|
page execute and read and write
|
||
|
1020000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FDB000
|
trusted library allocation
|
page read and write
|
||
|
3EA9000
|
trusted library allocation
|
page read and write
|
||
|
2E64000
|
trusted library allocation
|
page read and write
|
||
|
C6F000
|
heap
|
page read and write
|
||
|
5DCD000
|
stack
|
page read and write
|
||
|
101C000
|
stack
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page execute and read and write
|
||
|
8470000
|
trusted library allocation
|
page read and write
|
||
|
7CE0000
|
heap
|
page read and write
|
||
|
2B41000
|
trusted library allocation
|
page read and write
|
||
|
538D000
|
trusted library allocation
|
page read and write
|
||
|
602000
|
unkown
|
page readonly
|
||
|
5420000
|
heap
|
page read and write
|
||
|
64C0000
|
heap
|
page read and write
|
||
|
2B01000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
7F880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7980000
|
trusted library allocation
|
page read and write
|
||
|
2890000
|
trusted library allocation
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
BCE000
|
heap
|
page read and write
|
||
|
F39000
|
stack
|
page read and write
|
||
|
536B000
|
trusted library allocation
|
page read and write
|
||
|
606000
|
unkown
|
page readonly
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
1477000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AE1000
|
trusted library allocation
|
page read and write
|
||
|
2FF8000
|
trusted library allocation
|
page read and write
|
||
|
2F5E000
|
trusted library allocation
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
BAE000
|
stack
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page read and write
|
||
|
77C9000
|
trusted library allocation
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page read and write
|
||
|
779E000
|
trusted library allocation
|
page read and write
|
||
|
537E000
|
trusted library allocation
|
page read and write
|
||
|
5C60000
|
trusted library section
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
7950000
|
trusted library allocation
|
page read and write
|
||
|
6217000
|
heap
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
2FF4000
|
trusted library allocation
|
page read and write
|
||
|
7EF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
144D000
|
trusted library allocation
|
page execute and read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
trusted library section
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page read and write
|
||
|
5386000
|
trusted library allocation
|
page read and write
|
||
|
6720000
|
heap
|
page read and write
|
||
|
2FDD000
|
trusted library allocation
|
page read and write
|
||
|
E62000
|
trusted library allocation
|
page read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F8E000
|
trusted library allocation
|
page read and write
|
||
|
79E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
65F0000
|
trusted library allocation
|
page read and write
|
||
|
2FE3000
|
trusted library allocation
|
page read and write
|
||
|
2ACE000
|
trusted library allocation
|
page read and write
|
||
|
E56000
|
trusted library allocation
|
page execute and read and write
|
||
|
626A000
|
heap
|
page read and write
|
||
|
6180000
|
heap
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
52AD000
|
stack
|
page read and write
|
||
|
7E7000
|
stack
|
page read and write
|
||
|
54EF000
|
stack
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
7810000
|
trusted library allocation
|
page read and write
|
||
|
77F0000
|
trusted library allocation
|
page read and write
|
||
|
5381000
|
trusted library allocation
|
page read and write
|
||
|
614E000
|
stack
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
3015000
|
trusted library allocation
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page read and write
|
||
|
145D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E52000
|
trusted library allocation
|
page read and write
|
||
|
296D000
|
stack
|
page read and write
|
||
|
536E000
|
trusted library allocation
|
page read and write
|
||
|
695E000
|
stack
|
page read and write
|
||
|
778B000
|
trusted library allocation
|
page read and write
|
||
|
2FD5000
|
trusted library allocation
|
page read and write
|
||
|
127D000
|
heap
|
page read and write
|
||
|
65F7000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
77A1000
|
trusted library allocation
|
page read and write
|
||
|
604D000
|
stack
|
page read and write
|
||
|
E33000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F88000
|
trusted library allocation
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
2AC7000
|
trusted library allocation
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
2F44000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
49A3000
|
trusted library allocation
|
page read and write
|
||
|
8486000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
65E7000
|
trusted library allocation
|
page read and write
|
||
|
2F94000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
heap
|
page execute and read and write
|
||
|
3E81000
|
trusted library allocation
|
page read and write
|
||
|
623000
|
unkown
|
page readonly
|
||
|
2FA3000
|
trusted library allocation
|
page read and write
|
||
|
2F8A000
|
trusted library allocation
|
page read and write
|
||
|
2F8C000
|
trusted library allocation
|
page read and write
|
||
|
2F6C000
|
trusted library allocation
|
page read and write
|
||
|
3C7C000
|
trusted library allocation
|
page read and write
|
||
|
2E5A000
|
trusted library allocation
|
page read and write
|
||
|
7820000
|
trusted library allocation
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
E34000
|
trusted library allocation
|
page read and write
|
||
|
7786000
|
trusted library allocation
|
page read and write
|
||
|
1466000
|
trusted library allocation
|
page execute and read and write
|
||
|
69A0000
|
heap
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
300D000
|
trusted library allocation
|
page read and write
|
||
|
C02000
|
heap
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
4E88000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
B65000
|
heap
|
page read and write
|
||
|
2FBE000
|
trusted library allocation
|
page read and write
|
||
|
2CCA000
|
trusted library allocation
|
page read and write
|
||
|
63BE000
|
stack
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
6D2F000
|
stack
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
146A000
|
trusted library allocation
|
page execute and read and write
|
||
|
152C000
|
stack
|
page read and write
|
||
|
2FA9000
|
trusted library allocation
|
page read and write
|
||
|
2A81000
|
trusted library allocation
|
page read and write
|
||
|
1462000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
699E000
|
stack
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
65C0000
|
trusted library allocation
|
page read and write
|
||
|
7800000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
heap
|
page execute and read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
E5A000
|
trusted library allocation
|
page execute and read and write
|
There are 327 hidden memdumps, click here to show them.