Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\file.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\BAFCFBAEGDHI\AAAAKJ
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\BAFCFBAEGDHI\AAEHDA
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x37, schema 4, UTF-8, version-valid-for 8
|
modified
|
||
|
C:\ProgramData\BAFCFBAEGDHI\AFCBKF
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\ProgramData\BAFCFBAEGDHI\EBGDAA
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\BAFCFBAEGDHI\ECFCBK
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\ProgramData\BAFCFBAEGDHI\EHDGIJ
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\ProgramData\BAFCFBAEGDHI\GCBGII
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\BAFCFBAEGDHI\GIEHJK
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\sqlt[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://49.13.159.121:9000/vcruntime140.dlly
|
unknown
|
|
|
|
https://t.me/
|
unknown
|
|
|
|
https://49.13.159.121:9000/softokn3.dllg
|
unknown
|
|
|
|
https://49.13.159.121:9000/sqlt.dllN
|
unknown
|
|
|
|
https://steamcommunity.com/profiles/76561199707802586
|
|
||
|
https://t.me/g067n
|
149.154.167.99
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-20455N
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://49.13.159.121:9000oaming
|
unknown
|
||
|
https://49.13.159.121:9000ocal
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-7046
|
unknown
|
||
|
https://jira.int.agrd.dev/browse/AG-32263-
|
unknown
|
||
|
https://web.telegram.org
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199707802586hellosqlt.dllsqlite3.dll
|
unknown
|
||
|
https://49.13.159.121:9000/softokn3.dllt
|
unknown
|
||
|
https://49.13.159.121/vFh
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-21228
|
unknown
|
||
|
https://49.13.159.121:9000/vcruntime140.dllge
|
unknown
|
||
|
https://49.13.159.121:9000/softokn3.dll
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-7046Q
|
unknown
|
||
|
https://jira.int.agrd.dev/browse/AG-32263
|
unknown
|
||
|
https://49.13.159.121:9000/mozglue.dll10.15;
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-20455
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-20454
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-15916
|
unknown
|
||
|
https://49.13.159.121:9000/vcruntime140.dllX
|
unknown
|
||
|
https://49.13.159.121:9000/mozglue.dllft
|
unknown
|
||
|
https://49.13.159.121:9000
|
unknown
|
||
|
https://49.13.159.121:9000/.
|
unknown
|
||
|
https://49.13.159.121:9000/freebl3.dll
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://49.13.159.121:9000/0
|
unknown
|
||
|
https://49.13.159.121:9000/vcruntime140.dllI
|
unknown
|
||
|
https://49.13.159.121/
|
unknown
|
||
|
https://49.13.159.121:9000/vcruntime140.dllE
|
unknown
|
||
|
https://49.13.159.121:9000/freebl3.dllft
|
unknown
|
||
|
https://49.13.159.121:9000/mozglue.dll
|
unknown
|
||
|
https://t.me/g067nry1neMozilla/5.0
|
unknown
|
||
|
https://49.13.159.121:9000/cal
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://49.13.159.121:9000/B
|
unknown
|
||
|
https://49.13.159.121:9000/nss3.dllB
|
unknown
|
||
|
https://49.13.159.121:9000/F
|
unknown
|
||
|
https://49.13.159.121:9000/D
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://49.13.159.121:9000/nss3.dll
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://49.13.159.121:9000d3e98oogle
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-18203.
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-159168
|
unknown
|
||
|
https://49.13.159.121:9000H--
|
unknown
|
||
|
https://49.13.159.121:9000/msvcp140.dll
|
unknown
|
||
|
https://49.13.159.121:9000/X
|
unknown
|
||
|
https://49.13.159.121:9000/softokn3.dllessionKeyBackward
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-20454G
|
unknown
|
||
|
https://49.13.159.121:9000/mozglue.dllposition:
|
unknown
|
||
|
https://49.13.159.121:9000d3e98icrosoft
|
unknown
|
||
|
https://49.13.159.121:9000/soft
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://49.13.159.121:9000/nss3.dllosoft
|
unknown
|
||
|
https://49.13.159.121:9000/softokn3.dllF
|
unknown
|
||
|
https://49.13.159.121:9000/i
|
unknown
|
||
|
https://49.13.159.121:9000/
|
unknown
|
||
|
https://49.13.159.121:9000/sqlt.dlld
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-7791
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
https://jira.adguard.com/browse/AG-18203
|
unknown
|
||
|
https://49.13.159.121:9000/freebl3.dllv
|
unknown
|
||
|
https://49.13.159.121:9000el
|
unknown
|
||
|
https://49.13.159.121:9000/msvcp140.dllt
|
unknown
|
||
|
https://49.13.159.121:9000/vcruntime140.dll
|
unknown
|
||
|
https://t.me/g067njT
|
unknown
|
||
|
https://49.13.159.121:9000/3e98icrosoft
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 70 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
t.me
|
149.154.167.99
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
windowsupdatebg.s.llnwi.net
|
41.63.96.128
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.99
|
t.me
|
United Kingdom
|
|
|
|
49.13.159.121
|
unknown
|
Germany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3F6F000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3EA1000
|
trusted library allocation
|
page read and write
|
|
|
|
2F4B000
|
trusted library allocation
|
page read and write
|
|
|
|
3F3B000
|
trusted library allocation
|
page read and write
|
|
|
|
672000
|
unkown
|
page readonly
|
|
|
|
3ED4000
|
trusted library allocation
|
page read and write
|
|
|
|
445000
|
remote allocation
|
page execute and read and write
|
|
|
|
5BDE000
|
stack
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
2EB3000
|
trusted library allocation
|
page read and write
|
||
|
2EAF000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
133F000
|
stack
|
page read and write
|
||
|
227E0000
|
direct allocation
|
page execute and read and write
|
||
|
5C8000
|
remote allocation
|
page execute and read and write
|
||
|
229ED000
|
direct allocation
|
page execute read
|
||
|
1783D000
|
stack
|
page read and write
|
||
|
43F000
|
remote allocation
|
page execute and read and write
|
||
|
2DE0000
|
heap
|
page execute and read and write
|
||
|
178CE000
|
stack
|
page read and write
|
||
|
5790000
|
trusted library section
|
page read and write
|
||
|
1CA84000
|
heap
|
page read and write
|
||
|
2F0F000
|
trusted library allocation
|
page read and write
|
||
|
15AE000
|
stack
|
page read and write
|
||
|
2E8F000
|
trusted library allocation
|
page read and write
|
||
|
1C9DB000
|
heap
|
page read and write
|
||
|
3DF1000
|
trusted library allocation
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
2EEB000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
5AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AD0000
|
trusted library allocation
|
page read and write
|
||
|
9D20000
|
heap
|
page read and write
|
||
|
BBB000
|
stack
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
4D1000
|
remote allocation
|
page execute and read and write
|
||
|
2BFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E8B000
|
trusted library allocation
|
page read and write
|
||
|
1045000
|
heap
|
page read and write
|
||
|
19E8D000
|
heap
|
page read and write
|
||
|
16C8000
|
heap
|
page read and write
|
||
|
502000
|
remote allocation
|
page execute and read and write
|
||
|
2E76000
|
trusted library allocation
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
1803000
|
heap
|
page read and write
|
||
|
17FB000
|
heap
|
page read and write
|
||
|
643000
|
remote allocation
|
page execute and read and write
|
||
|
52D000
|
remote allocation
|
page execute and read and write
|
||
|
2E6A000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
trusted library section
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
12BCC000
|
stack
|
page read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
2F23000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
22946000
|
direct allocation
|
page execute read
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
2F38000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
227E8000
|
direct allocation
|
page execute read
|
||
|
1064F000
|
stack
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
2F66000
|
trusted library allocation
|
page read and write
|
||
|
19FBE000
|
stack
|
page read and write
|
||
|
19E22000
|
heap
|
page read and write
|
||
|
16FC000
|
heap
|
page read and write
|
||
|
2F42000
|
trusted library allocation
|
page read and write
|
||
|
152FE000
|
stack
|
page read and write
|
||
|
52D3000
|
trusted library allocation
|
page read and write
|
||
|
11DA000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
2DF1000
|
trusted library allocation
|
page read and write
|
||
|
4DF8000
|
trusted library allocation
|
page read and write
|
||
|
15B8000
|
heap
|
page read and write
|
||
|
2EBD000
|
trusted library allocation
|
page read and write
|
||
|
1123000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E78000
|
trusted library allocation
|
page read and write
|
||
|
16B7000
|
heap
|
page read and write
|
||
|
2F1D000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
1C667000
|
heap
|
page read and write
|
||
|
3DF5000
|
trusted library allocation
|
page read and write
|
||
|
2E6E000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F04000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
heap
|
page read and write
|
||
|
1C876000
|
heap
|
page read and write
|
||
|
3DFA000
|
trusted library allocation
|
page read and write
|
||
|
2EEF000
|
trusted library allocation
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
2F3A000
|
trusted library allocation
|
page read and write
|
||
|
539000
|
remote allocation
|
page execute and read and write
|
||
|
1C53B000
|
stack
|
page read and write
|
||
|
1133000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
2EC9000
|
trusted library allocation
|
page read and write
|
||
|
55C5000
|
heap
|
page read and write
|
||
|
19E4D000
|
heap
|
page read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
1CA82000
|
heap
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
1124000
|
trusted library allocation
|
page read and write
|
||
|
98D000
|
unkown
|
page readonly
|
||
|
22A2F000
|
direct allocation
|
page readonly
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
1C87D000
|
heap
|
page read and write
|
||
|
113D000
|
trusted library allocation
|
page execute and read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
4DD000
|
remote allocation
|
page execute and read and write
|
||
|
11C2000
|
heap
|
page read and write
|
||
|
162A000
|
heap
|
page read and write
|
||
|
2EC7000
|
trusted library allocation
|
page read and write
|
||
|
1C9BD000
|
heap
|
page read and write
|
||
|
1333000
|
stack
|
page read and write
|
||
|
2F49000
|
trusted library allocation
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
152AF000
|
stack
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
50E000
|
remote allocation
|
page execute and read and write
|
||
|
227E1000
|
direct allocation
|
page execute read
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
2EAA000
|
trusted library allocation
|
page read and write
|
||
|
52F9000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1707000
|
heap
|
page read and write
|
||
|
641000
|
remote allocation
|
page execute and read and write
|
||
|
2F36000
|
trusted library allocation
|
page read and write
|
||
|
9D10000
|
heap
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
1C63C000
|
stack
|
page read and write
|
||
|
1148000
|
heap
|
page read and write
|
||
|
1182000
|
heap
|
page read and write
|
||
|
5DDF000
|
stack
|
page read and write
|
||
|
19E95000
|
heap
|
page read and write
|
||
|
229EF000
|
direct allocation
|
page readonly
|
||
|
2E74000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
123C000
|
stack
|
page read and write
|
||
|
2E7B000
|
trusted library allocation
|
page read and write
|
||
|
11BE000
|
heap
|
page read and write
|
||
|
2F26000
|
trusted library allocation
|
page read and write
|
||
|
1C760000
|
heap
|
page read and write
|
||
|
1798000
|
heap
|
page read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
9E10000
|
unclassified section
|
page read and write
|
||
|
16FA000
|
heap
|
page read and write
|
||
|
4B1000
|
remote allocation
|
page execute and read and write
|
||
|
2C20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EF1000
|
trusted library allocation
|
page read and write
|
||
|
5440000
|
heap
|
page execute and read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
1068D000
|
stack
|
page read and write
|
||
|
2BE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
2E91000
|
trusted library allocation
|
page read and write
|
||
|
112D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F2A000
|
trusted library allocation
|
page read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
2E87000
|
trusted library allocation
|
page read and write
|
||
|
121E000
|
heap
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
B19000
|
unkown
|
page readonly
|
||
|
16D4000
|
heap
|
page read and write
|
||
|
11F5000
|
heap
|
page read and write
|
||
|
2EC3000
|
trusted library allocation
|
page read and write
|
||
|
2F34000
|
trusted library allocation
|
page read and write
|
||
|
170D000
|
heap
|
page read and write
|
||
|
2E89000
|
trusted library allocation
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
229F8000
|
direct allocation
|
page readonly
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
B12000
|
unkown
|
page readonly
|
||
|
2BE0000
|
trusted library allocation
|
page read and write
|
||
|
1514E000
|
stack
|
page read and write
|
||
|
2EE9000
|
trusted library allocation
|
page read and write
|
||
|
5357000
|
trusted library allocation
|
page read and write
|
||
|
B26000
|
unkown
|
page readonly
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
58A0000
|
heap
|
page read and write
|
||
|
19E2C000
|
heap
|
page read and write
|
||
|
2BEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
1616000
|
heap
|
page read and write
|
||
|
178C000
|
heap
|
page read and write
|
||
|
52FB000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
2E72000
|
trusted library allocation
|
page read and write
|
||
|
2EDF000
|
trusted library allocation
|
page read and write
|
||
|
2F3E000
|
trusted library allocation
|
page read and write
|
||
|
19E3D000
|
heap
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
2C10000
|
trusted library allocation
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
2C39000
|
trusted library allocation
|
page read and write
|
||
|
2EF3000
|
trusted library allocation
|
page read and write
|
||
|
22A2D000
|
direct allocation
|
page readonly
|
||
|
1370000
|
heap
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
22A2A000
|
direct allocation
|
page readonly
|
||
|
2C37000
|
trusted library allocation
|
page read and write
|
||
|
4A9000
|
remote allocation
|
page execute and read and write
|
||
|
11E1000
|
heap
|
page read and write
|
||
|
4A6000
|
remote allocation
|
page execute and read and write
|
||
|
3FA3000
|
trusted library allocation
|
page read and write
|
||
|
169A000
|
heap
|
page read and write
|
||
|
2EBF000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page execute and read and write
|
||
|
16D9000
|
heap
|
page read and write
|
||
|
5A5E000
|
stack
|
page read and write
|
||
|
12C0D000
|
stack
|
page read and write
|
||
|
2BF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2EA4000
|
trusted library allocation
|
page read and write
|
||
|
13FD000
|
heap
|
page read and write
|
||
|
2EC1000
|
trusted library allocation
|
page read and write
|
||
|
2F21000
|
trusted library allocation
|
page read and write
|
||
|
2EE7000
|
trusted library allocation
|
page read and write
|
||
|
2E68000
|
trusted library allocation
|
page read and write
|
||
|
2F47000
|
trusted library allocation
|
page read and write
|
||
|
2EBB000
|
trusted library allocation
|
page read and write
|
||
|
2E6C000
|
trusted library allocation
|
page read and write
|
||
|
15F8000
|
heap
|
page read and write
|
||
|
164C000
|
heap
|
page read and write
|
||
|
2EA6000
|
trusted library allocation
|
page read and write
|
||
|
2EAC000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
133C000
|
stack
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
3F08000
|
trusted library allocation
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
2F13000
|
trusted library allocation
|
page read and write
|
||
|
19E0F000
|
stack
|
page read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
169C000
|
heap
|
page read and write
|
||
|
151AE000
|
stack
|
page read and write
|
||
|
22A22000
|
direct allocation
|
page read and write
|
||
|
2EED000
|
trusted library allocation
|
page read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
2E8D000
|
trusted library allocation
|
page read and write
|
||
|
2EE5000
|
trusted library allocation
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
1C4FD000
|
stack
|
page read and write
|
||
|
19F20000
|
heap
|
page read and write
|
There are 243 hidden memdumps, click here to show them.